Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi There, We have multiple vpn tunnels coming to our cisco asa 5520 , the problem is that when we create another tunnel with the same network as another network on the firewall , it does not know how to route the traffic to which interface or sub int...
Hi all, I am trying to troubleshoot a site to site VPN tunnel, I do not have a syslog server . the question I have :1) How can I check the event log on my firewall using the CLI2) Also when I go to ASDM realtime log viewer and log buffer I can not se...
Hi There,Can you please help, I have servers sitting on the internal LAN inside 1( 192.168.76.0 /24 ) I would like all the hosts on this network to browse the internet by using the external address of the firewall (outside), I need to do a NAT to hid...
We have an ASA 5510 which we are looking to take out of action, and the idea is to get an ASA 5540 to replace it.. can we simply migrate the config across to the new firewall and is there anything special we need to do . . it will be great if there a...
Hi There, just a quick question,We have recently bought 2 * Cisco ASA 5520 ... which we will be set up as an Active / Active Cluster, We have some web servers that require COOKIE BASED web load balancers . Does the ASA 5520 support such load balancin...
Hi MikeOutcome of the packet trace:Phase: 1Type: ACCESS-LISTSubtype:Result: ALLOWConfig:Implicit RuleAdditional Information:MAC Access listPhase: 2Type: FLOW-LOOKUPSubtype:Result: ALLOWConfig:Additional Information:Found no matching flow, creating a ...
Hi Mike / All thanks for that,I did add the nat rule as he said :ciscoasanode1newbury(config)# sh run natnat (management) 101 0.0.0.0 0.0.0.0nat (inside1SYHA) 101 192.168.76.0 255.255.255.0I can ping the firewall but still can not browse the internet...
sh run nat posted as requested:ciscoasanode1newbury(config)# sh run natnat (management) 101 0.0.0.0 0.0.0.0nat (inside1SYHA) 1 192.168.76.0 255.255.255.0ciscoasanode1newbury(config)# sh run globalglobal (outside) 101 interfaceciscoasanode1newbury(con...
Thanks for the reply ,, does that mean that every network on the inside interface ethernet 0/1 will have access to the outside ,, ( ie internet ) ..??Also if have multipule VLAN how do I handle this ,,lets say I have VLAN 100 and VLAN 200 ( differen...
