Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
My legacy IPSEC and IKEv2 clients are able to connect and browse the internet via hairpinning through the ASA. However, the clients are unable to connect to the 10.0.0.0 network hosts attached to the inside interface. I added an ACL (VPN-LAN-access) ...
I have upgraded an ASA 5505 to 9.0(1) as I would like to use ipv6 version of dhcprelay. That said, I am unable to obtain a global unicast address but the link-local address is able to communication with the ISP's gateway/DHCP provider which I hope wi...
I am attempting to port-forward on an ASA 5500 to internal host .100. The outside interface recieves its IP via DHCP. Packets are being denied so I ran packet-tracer and get the following error from outside to ssh port on internal host. Any tips on w...
All,A friend has a WS-C3560G-24PS-S in which the POE has stopped working. I do not have access to the device but wanted to know if this is typical of a power supply problem or is it usually an issue with the circuitry in the device?
I recently upgraded to 8.3.2 and I was aware of the NAT changes but even after reading https://supportforums.cisco.com/docs/DOC-12569 I'm still unable to rectify VPN network 192.168.100.0 communication with hosts on 172.16.1.0 and 172.16.9.0. The VPN...
Thanks for the quick response.I made a few changes per you comments. Adjusted the NAT statement, enabled the sysopt option although I would prefer to keep it off and use ACL's as I *think* that would be more secure?, and disable the vpn-filter for th...
Jim, thanks again for the thougtful reply.Interesting. The long-range speculation is that residential IPv6 will use DHCPv6 for prefix delegation of /60's, which the local router or firewall will then parcel out into /64's for DMZ, gaming, regular ...
Hi Jim, thanks for the reply.More detail about "unable to obtain a global unicast" address would be helpful. For example, is the upstream ISP emitting router advertisements, or not? If they are really doing v6 you should be seeing router-advert...
The problem was with:(outside) to (outside) source dynamic VPN_NETWORK interfaceper:https://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/nat_rules.html(outside) to (outside) after-auto source dynamic VPN_NETWORK interface
