Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all, I am having difficulty configuring a sorry server for an existing https serverfarm. The sorry (backup) server is failing all connections and I think it's because I can not determine a way to differentiate ssl connections for the producti...
I'm looking for documentation regarding the CiscoSecure Remote Agent in ACS SE 5.0 - this appears to no longer be necessary in v5.0 but I can't find anything detailing this feature enhancement between 4.2 and 5. Anyone point me in the right directio...
Hello all, thank you in advance for any and all suggestionsI have inherited a network with redundant 6509 "DMZ" switches with a single FWSM installed in each - routed, single context, in failover configuration. Each FWSM has multiple VLAN interfaces...
I have AAA configured on an ASA 8.0(3) to a CiscoSecure ACS server as follows:aaa authentication http console tacacs-group LOCALaaa authentication enable console tacacs-group LOCALaaa authentication serial console tacacs-group LOCALaaa authentication...
Hi,I am attempting to setup a provisioning environment for new SOHO users. What I would like to do is have the new SOHO users order a Cisco 871W, and when it gets to their house, I want them to run a custom setup script I am writing that checks the ...
This post was 95% helpful. I banged my head around for a bit before I realized that step 4, last line is incorrect. It should be tar -xtract, not tftp -xtract - i.e.:tar -xtract tftp:///c1200-k9w7-tar.122-15.ja.tar flash:This command allows the AP...
This appears to be expected behavior. As you have assigned the host to a NAT group on the inside interface (5) but not created a global group (5) on interface dmz1, then the FWSM does not know how to NAT the connection. I had run into a similar pro...
Any progress on this issue? I have a MAC user that is experiencing the Split-DNS problem using the IPSEC client as well - only queries for names in the first domain in the Split-DNS list is actually being tunneled to the corporated DNS server.Has an...
sounds very ARPy. You have stated that you have cleared router caches, reloaded, etc - where are the DNS servers in relation to the ASA? I think you may have to take packet captures closer to the DNS server, rather than taking captures directly on ...
Often this issue crops up depending on how the internal clients are accessing the DMZ server. If access is based on FQDN rather than IP address, the problem may be solved by rewriting the DNS response.For example, if an "inside" host wishes to acces...
