I got a VPN request form from one of our partners. On my side I have one ASA 5520 running 8.0(3). On their form, it says that their endpoints are two boxes, sitting in different cities. It also says that there is only one encryption domain, (actually just...
Hi guys, I have an ASA 5520 running 8.0(3) with two subinterfaces configured like this: ================================= interface GigabitEthernet0/1 nameif inside security-level 100 no ip address ! interface GigabitEthernet0/1.72 description VLAN 72 vlan...
I have a couple of Cisco 2960's sending syslog messages to a remote syslog-ng on port 514 (standard). I need to set another switch so it sends traffic to the same syslog server but on another UDP port (such as 714). Is that possible? I cannot find th...
Hello guys, first time posting on this forum. I'm running ASA 8.0(3) on an Active/Standby failover pair. Last night I realized the CPU usage of my production ASA was 99%. On the ASDM Firewall Dashboard I can see counters like this: Dropped Packet Rate (A...
Hi Varun Rao, I was trying the sequence I got from this thread. Now I have an issue: I don't know how to make the VLANs go out to the internet. The rule I explicitly add to block traffic any to any on each VLAN is also preventing them from going out t...
So, probably the right answer would be: 1- Make the VLANs subinterfaces with the same Sec Level. 2- Allow the same-security. 3- Right at the moment of creating the subnets and before putting them in production, create ACLs that explicitly block all traffi...
Hello Varun, we have multiple Dev Teams, and we are trying to host small silos for their apps. Silo 1 = App 1 = Vlan1. Silo 2 = App 2 = Vlan2. Devs that access one Silo should not access the other one (SSH, Telnet, etc). But those two Silos need to interact...
I checked that post already, but it looks like they had a different problem (he had the "enable traffic between int with same security level" ENABLED; I actually have it the other way around). If I have it ENABLED, then all traffic is allowed, even ...
That's what I was afraid of. I didn't see it in the documentation. I might then have to try another trick, maybe a middleware syslog, with some filters and then a forward to another port. That's a shame it doesn't support it.