About kerryjcox

kerryjcox · 03-29-2016

I configured my 2504 to run the latest software and it works just fine with my 1142s running LWAPP. However, I want to run them in my home and there is no Ethernet cabling. Looking through all the Cisco pages I cannot find any reference to setting th...

kerryjcox · 01-14-2015

I am spinning up a new VDI environment in another subnet behind our ASA 5525. There are currently three internal subnets:inside 10.1.1.0 /24 security 100dmz 192.168.1.0 /24 security 50citrix 172.16.1.0 /24 security 100I have Citrix users connecting i...

kerryjcox · 01-09-2015

Greetings,I was finally able to get a secondary ASA 5525X firewall into my collocation facility. I have a single uplink to the Internet (collocation port on patch panel) from Gi0/0 on my primary 5525X. I have a /26 block of IP addresses, so I can eas...

kerryjcox · 12-18-2014

So, I have been presented with an interesting challenge. I would prefer using an internal Linux host to solve this, but my manager is convinced the ASA can do this. Hope this is the correct group. This is a NAT and routing question.We have two VPN tu...

kerryjcox · 08-20-2014

I inherited two 5525-X firewalls. The one has a VPN Premium License, while the other I can only get to boot into ROMMON mode. There also does not appear to be any flash drive on which I can save the config, so I am guessing the two were bought to be ...

kerryjcox · 03-29-2016

Ahh... I just got down converting them all to Lightweight mode as that worked fine for me before. I'll check the link and see what I can do. Thank you very much for the response.

kerryjcox · 01-14-2015

Karsten,Yes, I tried your way, but it did not affect the users in the citrix subnet or 172.16.1.0/24. Had the users been in the same subnet, then it would have been relevant. I did try using the "Translate DNS replies" option, but that was no good fo...

kerryjcox · 01-14-2015

I figured it out. Took a couple tries, but here's the result which now works. Users in 172.16.1.0/24 can access hosts in the inside subnet (10.1.1.0/24) by using the externally resolved DNS name or blah.mycompany,com.Here's the line:nat (citrix,insid...

kerryjcox · 01-09-2015

Might I also suggest MRTG or PRTG. I have been using the former for years and the latter looks to be promising but with a cost. Nothing like nice green graphs to show bandwidth over time.

kerryjcox · 12-18-2014

Tried the following but with no luck. From the IP of 10.120.139.12, I cannot ping 10.10.5.145 which should NAT over to the other VPN IP of 10.109.1.253.I am certain I am just missing something: object network COMPANY_A subnet 10.120.139.0 255.255....

Member Since	‎05-08-2008 07:20 PM
Date Last Visited	‎05-23-2018 02:01 AM
Posts	117
Total Helpful Votes Received	4

User Statistics

User Activity

Bridging 1142 LWAPPs using a 2504 WLC

Hairpinning on ASA 5525 running 9.1(5)

Single Internet link split between failover 5525 firewalls

NAT from one VPN tunnel through 5510 over another VPN tunnel

Setting up failover on two ASA 5525-X firewalls

Ahh... I just got down

Karsten,Yes, I tried your way

I figured it out. Took a

Might I also suggest MRTG or

Tried the following but with