Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
ASA is in transparent mode (5512-X/9.1(5))Inside network is 10.1.0.0/24. Router 10.1.0.1 is on the outside interface.Syslog message: Deny inbound UDP from 10.1.0.103/5353 to 224.0.0.251/5353 on interface insideI have the ASA configured with access-li...
When we use Aspera, it maxes out our bandwidth and we cannot do anything else while the download is going on.3220ASA1# sh conn add 192.168.0.105 prot udp110 in use, 509 most usedUDP outside 153.7.233.153:33001 inside 192.168.0.105:60064, idle 0:00:00...
How would I go about giving a server on the inside interface of my ASA a public IP address. I have a /28 on the outside interface and I'd like to give a server a public IP and not NAT.I'd not sure how to go about getting this done.show run nat=nat (i...
On the ASA you'd do this with an ACLobject-group service EXCHANGE_SERVICES tcp port-object ew www port-object eq imap...etc etc access-list outside_in extended permit tcp any host 192.168.203.24 eq wwwaccess-list outside_in extended permit tcp and ho...
Can we see the access-lists?Sounds like DNS doctoring is what you're looking for: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/71704-dns-doctoring-2zones.html
I don't want to have an input access-group for the inside interface as I don't want to explicitly define traffic allowed out of the network. I want all traffic allowed inside to outside.Is there another way to do it?
Do: sh run | i registerThe config register should be 0x1If it is other that 0x1, do:conf tconfig-register 0x1Make sure to backup your config: more system:running-config Then: reload
