Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
If I have a firewall with no code on it and boot it into rommon mode, can I pull a code off a USB drive, or can I only do it by setting up TFTP parameters and then copying it down from TFTP server? thank you
Is there a way to set the order of preference you want a remote access client to authenticate to radius servers? We have 2 Radius servers currently configured, need to add 2 more that will take the place of the first two. But I don't want to remove t...
Is the output of the "show nat" command, which shows the number of thits on NAT rules, a reliable counter in the same way that access-list counters are, meaning unless cleared or if the firewall is rebooted, can I count on these hit counts as being a...
It is my understanding that you can configure up to 4 DHCP servers on an ASA. So if an ASA was configured this way, (with 4 relays configured on the same interface) does the firewall go through the list of the 4 relays in the config in order? If the ...
I've got an old PIX running 6.3 code. Finally upgrading to an ASA 5515 running 9.2 code. I can't keep up with all the NAT changes that have taken place through the years. I have several of basically no nat statements on the PIX, like below: static (i...
thanks for reply. forgot to state, the firewall is a 5515. not sure what you meant by "TFTP you need to setup one". Can I pull a code directly off a USB drive from rommon mode, or am I forced to use TFTP? can you point me to the steps to pull a code ...
The Radius server is supported by another group and I am not getting far with them. They are not providing me back with any logging, etc. The ASA that took the place of the PIX has the exact same addressing, so I'm assuming the Radius server would no...
I don't understand how that gives me the ability to PAT to the interface as well as a separate IP address, defined as x.x.x.x in my example. As I don't see reference to an IP address in your example, how can your command be provding that?
Thanks for that. I knew it had to be something simple I was missing!Does anyone know if you can continue to put in a nat statement on the new code that will give me the same as the following does on a PIX?nat (inside) 1 0.0.0.0 0.0.0.0 0 0global (ou...
I was able to get it to verify. I had been connecting to the firewalls via a saved securecrt session. I decided to try connecting from a newly created session, and that worked. Not sure what the issue is, but it didn't like something about my saved ...
