Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a functioning site-to-site VPN between two ASA 5505 appiances. Sub-net on one side is 192.168.20.0/24 (inside I/F) and on the other side is 192.168.30.0/24 (inside I/F). VPN is built over public Internet (outside I/Fs of those two ASAs). Now I...
I need to connect two internal LANs each of which has ASA as a firewall to outside. One has ASA 5505 with two interfaces and another - ASA 5510 with three interfaces. I managed to pass echo packets from one internal LAN to another, but not the TCP pa...
I have a small problem connecting XP L2TP client to ASA5505 L2TP/IPsec VPN. I have internal and external IPs for the same domain. When I am on VPN I suppose to resolve the same domain name into internal IP and this is happening on Windows 7, but not ...
Thank you for reply! It seems that based on a packet-tracer info ICMP packets should be going fine (see below), but when I do "ping 192.168.35.3" from 20.0 network - I get "Request timed out". asa-office# packet-tracer input inside icmp 192.168.20.12...
OK. Finally I managed to work it out. I disabled TCP State for that route (PBR is not available in ASA as I misassumed in previous suggesion). Here is what I did - just for sake of someone who might bump into similar problem:ASA(config)#access-list S...
Julio,I think I found explanation of my case - see this link: http://www.8-p.org/wiki/doku.php?id=asahairpinningAs I understand - when TCP packet originated from 30.0 net - it is routed via ASA5505 towards ASA5510, but when ASA5510 ack - it sends rep...
Windows firewall is disabled (entire service) on all our servers.I am not sure what you ask me to do with other server - do you want me to run packet tracer and use 30.2 instead of 30.6?
Julio,On 192.168.30.6 the default gateway is 192.168.30.1 (e.g. ASA 5505's inside interface). Here is trace from ASA 5505:Result of the command: "packet-tracer input inside tcp 192.168.30.6 1025 192.168.35.2 3389"Phase: 1Type: CAPTURESubtype: Result:...
