About jafaruddinlie

jafaruddinlie · 09-16-2010

Hi guys Not sure where this falls under.Here's the scenario: We have a mail server that needs to send out bulk emails to internal and external addresses. Sometimes, the mail server would need to send a lot of emails in one burst, so to speak, and I ...

jafaruddinlie · 08-30-2010

Hi guysJust wondering if this can be done:We have a RSA server and TACACS server, all working fine.We would like to put in 2 factor authentication using our RSA token to manage our ASA box.Now, I have got the 2 factor authentication working (tested i...

jafaruddinlie · 04-07-2010

Hi guysBeen working on this issue for a while now, and I don't know ASA very well to know where to troubleshoot.Here's our issue: we have issues connecting to FTPES sites (FTP over Explicit TLS/SSL (port 21), not SFTP (port 22) ) from our network.Nor...

jafaruddinlie · 09-16-2010

HI Nagaraja (does it mean king of the dragons? ;))Thank you for your reply.Here's my response:AIP-SSM Module: yes, we do have that module. It is set as inspect but blocking isn't turned onESMTP Inspection: the first thing I did to troubleshoot this w...

jafaruddinlie · 09-16-2010

Yep maybe I didn't explain myself very well  Thank you for your reply, sorry it took this long for me to write back. I'll have a look at the timeout issue, thanks for the heads up. Could be some ports that need to be opened, who knows 

jafaruddinlie · 04-07-2010

SOLVED!!!!Your last message about a filter got me thinking.I had a closer look at the internal firewall that we have (Watchguard).It turns out that it is doing some funky inspection stuff with FTP.I created a new FTP rule and deleted the old one, voi...

jafaruddinlie · 04-07-2010

acerasa# sh run class-map !class-map IPS_Class_10 match access-list global_mpcclass-map global-class match default-inspection-trafficclass-map class_ftp match port tcp range 1 1023class-map class_ftp1 match port tcp range 1024 65535class-map type ins...

jafaruddinlie · 04-07-2010

Thank you for that.I have understood a heck a lot more now.Half-way there, thanks to your help.It is definitely a NAT issue now.We have 4 interfaces on the ASA, external, internal, dmz1 and dmz2.I have managed to connect the machine to the FTP site f...

Member Since	‎04-07-2010 04:16 PM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	11

User Statistics

User Activity

ASA Mail Blocking? Issue

ASA TACACS + SDI (RSA) Authentication and Authorisation

ASA 5520 + FTP over Explicit TLS/SSL Client

Re: ASA Mail Blocking? Issue

Re: ASA TACACS + SDI (RSA) Authentication and Authorisation

Re: ASA 5520 + FTP over Explicit TLS/SSL Client

Re: ASA 5520 + FTP over Explicit TLS/SSL Client

Re: ASA 5520 + FTP over Explicit TLS/SSL Client