Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Has anyone ever tried to export an identity certificate from an ASA unit for import into IIS? Running 8.2(1) and ASDM 6.3(1).Via the ASDM, I've tried to export the cert in either PKCS12 or PEM format but I can get neither working. When trying to im...
I have a bunch of Cisco ASA unit's all sending tcp based syslog data to a central Kiwi Syslog server. I have the units configured to continue functioning after syslog communications failure.We have patches applied on a regular basis and when the Sys...
Running a packet capture on an ASA 5520 and I'd like to transfer the capture bucket in pcap format to my computer for analysis. I can get an ASCII record of the packets copied over using the "copy" command, however, I'd like to transfer the pcap dum...
Swapping out a CheckPoint firewall for a new set of ASA's, running 8.0(3) and ASDM 6.1(1).One of the features that I'm trying to replicate with the crossgrade is HTTPS based direct network access authentication (or client auth in CheckPoint-speak)Wit...
I'm drafting some ASA rollout procedures and wanted to document a build from scratch. Using a test ASA5520, I booted into monitor mode and erased the flash, with the expectation that I would be able to upload the latest image release onto the unit. ...
Mike - you hit the nail on the head I did the export via the CLI (though I think the export was similar to the PEM format that was done from the ASDM). The trick was in the OpenSSL manipulation of the file after the export was done. Your command to...
With a PEM export, the ASDM lets me export without a passphrase. With PKCS12, it seems to require one.Some questions:-) What version of the ASA OS are you running in your lab? What version of ASDM?-) What type of export did you do - PKCS12 or PEM?-...
I know you've said that routing is functioning on the internal network, but I still think there's something that's pushing traffic destined for the 2.x network to the firewall.You said that you have some kind of anti-spyware device sitting between th...
Can you sanitize and then post the config? IMHO, it still looks like something is bouncing the response packet going back to the 2.1 address via the firewall from the internal network. Can you run a capture as well and then post the *.pcap?Tariq
Maybe anti-spoofing? If the firewall is directly connected to the 192.168.1.0/24 subnet, do you have a route pointing the 192.168.2.0/24 network to the internal router via the inside interface?Tariq
