Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,One question I have seen asked repeatedly is "How can I add an ACL to allow *some* traffic from one security interface to a higher one, while still allowing (the implicit rule for) all traffic to lower ones?" The answer is always that you can't...
Hello,I am having an issue where ICMP "Unreachable, need to fragment" packets sent by the ASA are not delivered, apparently due to asymmetric NAT rules, when communicating over IPsec VPN. The device is a new Cisco ASA 5510 with Security Plus, running...
This is my first post so I hope I explain the problem suitably and can get someone interested. I seem to be having an issue where certain very packets are being dropped/lost by my office router. The reproducible situation is, when I attempt a DNS zo...
Hello,I have confirmed that it is the same bug I was experiencing.Thanks for sending the link to software images but I do not have access. I would need an active support contract for access to those downloads. However, as the unit is under warranty I...
Hello,That is very useful thank you. The bug description you sent seems to match my problem exactly.I am on version 8.2(5)26 and I do not have a support contract, but the unit is in warranty (purchased at the start of the year). Am I entitled to an u...
Hello,I did some more testing on this whenever I had time but I couldn't find an alternative solution that didn't involve changing the MSS of TCP handshakes. I'm marking your solution as the correct answer. Thank you very much for your help.Regards,B...
Hello,It appears that attempts to get IPS auto-update working (whether by ensuring that password is not 8 characters long, or using the workaround of manual update) may be moot. It looks like Cisco has not released a new IPS Signature package since M...
