Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Per the release notes:If the configuration specifies both a global access policy and interface-specific access policies, the interface-specific policies are evaluated before the global policy.How does this work with the implicit deny rules on an inte...
Hi all,I'm returning to ASA's after having spending the last 4 years working with Checkpoint firewalls. I am getting set up to port my current configuration from the Checkpoints over to the ASA's, so I'm starting from scratch.I noticed that 8.3 came...
I have a very peculiar issue regarding two PIX515e's (7.0(6)) running a l2l config. Take the following diagram:HostA---PixA---PixB---HostBHostB runs an app that does large SQL queries against HostA. When there is a lot of traffic, the TCP connectio...
Hi all, I have a wierd issue that I've found the workaround to, but I'm not sure I like it. I was having problems doing large file transfers over a l2l VPN between two PIX 515e's. After way too much troubleshooting, I noticed that the "TCP packet ...
I hae a 7206 with an NPE 200 and 128MB RAM running IOS 12.1.2T. This router is used as a T1 concentrator, to backhaul remote sites back to a central Internet feed. There are 9 T1's total going into this unit, 5 of which are in a Multilink PPP bundl...
Thanks for the tips everyone.I'll be at least initially setting things up with 8.3. While this is a very important ASA, the operations it will be doing are pretty basic, and I have a test lab environment which I'll be able to test everything with. ...
Answering my own post, we updated the PixA to 7.0(6.4), and like magic, everything works. Not only does the app in question work, everything else over the VPN works *much* faster. Dunno exactly what they did in 6.4, but it made a huge difference fo...
Talking to the group that admins PixA: "The CPU has only went over 20% twice in the last 3 months and runs steady at 5-10%. Utuilization for outside interface is under 5% on avg and inside is the same."So I don't think it's overutilization that's ca...
Yes, HostA and HostB communicate fine. The problem actually affects any host behind PixA talking over the VPN to any host behind PixB. The problem only rears it's head during TCP sessions with a lot of data passing back and forth - ssh traffic is f...
