Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,Is it possible to change the default action for an access list deny? Can the ASA be configured to send an icmp unreachable rather than just dropping the packet if an access list denies the request? I have a situation where I would like to res...
I am looking for clarification about how the ASA handles scanning threats and the function of the threat detection command. After reading the documentation the function of the "threat-detection rate" command is still unclear to me. When does the AS...
I have an 8.3(2) ASA with a single outside IP. Dynamic PAT translates inside addresses to the outside interface address. I would like to use static NAT with port translation to access an inside syslog server. I got an error when I tried using the ...
What is the span (switched port analyzer) performance hit on a 3750 or a 3750X? I would like to mirror a source with high traffic volume to between four and six destination ports. I don't have a clear understanding of 3750 architecture. How is tra...
What support does the ASA provide for the ftp auth command? Is it possible to write an access list to permit some users to bypass ftps encryption while others are forced to use encryption? I would like my server to enforce ftp with ssl/tls. Howeve...
This is my response attempting to add the object network SYSLOG_SERVER commands. ERROR: Address 10.10.1.10 overlaps with outside interface address.ERROR: NAT Policy is not downloadedasatest(config)# show run nat!object network inside-net nat (inside...
Thank you Ganesh and Yogesh for your replies. I am trying to decide whether I need to purchase a network tap for the proxies. I hear different opinions from different vendors. I don't want to introduce more hardware in the path if I don't need it....
