Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, searching hi & low, regarding intermittent disconnects for RDP sessions.Am interested in any pointers.Situation is following: Multiple RDP servers behind ASA, sometimes a user, and sometimes all users to one server from outside our ASA suffer int...
Hi, have to ask, as I've struggled long with this now. We have two sites, ASA in both ends. Can configure dmz to access inside, and static address translations for the outside, and vpn-tunnel in between the two inside networks.But we have trouble get...
Hi all,I have been struggling with a couple of newly installed asa5505. We can use the vpnclient into the appliances, but not from behind another asa. Behind the very same asa we can vpn to previous pix installations. But when we go to other asa inst...
We have the following problem:OutsideA/LanA --- vpn ---- LanB/OutsideBIn LanA and LanB we have DNS servers. When a DNS-Query on LanB is to be rewritten through the LanA side, and vice versa the DNS ReWrite doesn't work because of the NoNat setting fo...
Have two lans, connected over vpn tunnel. Inside is 192.68.1.0 and 2.0, connected and NAT exempt - all is fine.Want to add dns services in both ends, however due to the NAT exempt, dns replies are not dns-rewritten for the "other" net.In more detail:...
What do you mean by "bag"?I compared the stats against several other ASA we have installed at client locations. They all signal dropped packets when an ACL triggers, so the more attacks, (or harder rules) - the more drops. In none of the cases except...
Thx, for the input. We've had the problem before our fibre connection (justa month old).Here's a listing of the current stats:Result of the command: "show interface"Interface Vlan1 "inside", is up, line protocol is up Hardware is EtherSVI, BW 100 Mb...
My sweet solution isn't at all sweet. By having two domains, one for the outside, and the other for the inside, all services that rely on the host header (ie web sites, certs etc) also has to be duplicated.So to recap the problem, internal network, a...
No, that's already in place with the following ruleset:access-list inside_nat0_outbound extended permit ip any 10.0.0.0 255.0.0.0 access-list inside_nat0_outbound extended permit ip any 192.168.0.0 255.255.0.0 nat (inside) 0 access-list inside_nat0_o...
I managed to solve the vpn-pair problems, and the access from dmz-to inside, so traffic now flows properly between hosts not in any static translations. What remains to solve are traffic involving hosts in static translations, as that traffic does no...
