Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
So, we've been trying to get our network ipv6 compatible and had to upgrade the IOS on our ASA 5510 to 8.4 Little did we know that upgrade to 8.4 would need me to change all out NATs and Access-lists. We have a 1-1 NAT configuration that I need to ...
Julio and Luis,Are my access-lists correct ?I noticed that in ASA 8.4+ we have to use the private IP address in the Outside-coming-In. Is that correct ?I will be trying to install the ASA again later on today. This time I will be using another Switch...
Julio,Here is the output of the packet trace command from my test environment:Phase: 1Type: ROUTE-LOOKUPSubtype: inputResult: ALLOWConfig:Additional Information:in 0.0.0.0 0.0.0.0 outsidePhase: 2Type: IP-OPTIONSSubtype:Result: ALLOW...
Also, No way that I can reload the ISP router.I have the ISP connection come in to a Cisco 2900xl Switch on a seperate vlan, and from there it goes to the outside interface of the firewall.
Ok Julio,I will try the packet tracer when I bring it back to prod (its a physically different location).In the meantime - is my Static NAT configuration correct ?I'm trying to setup a 1-1 NAT for a Class C network.object network obj-192.168.1.78nat ...
Hey Julio,When I had the ASA hooked up to the prod network,:1) I could ping out from the ASA to 8.8.8.82) I could ping the gateway 20.x.x.13) None of the servers behind the firewall could ping 8.8.8.84) servers could ping inside 192.168.1.1So to answ...
