Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I am trying to configure my ASA to require authentication for all outbound traffics except to some selected networks. I have come up with a configuration (below) and for some reason everytime I apply it, everybody is requiring to authenticate ev...
Hi, I am new to AnyConnect so please bear with me. Anyway, I am trying to setup AnyConnect and right now, I got it to work. One question that I have is, I would have multiple vendors wanting to dial-in and different Vendors need to access diff...
Hi, I have a site where everybody on the inside interface has to be authenticated by a RADIUS Server. I have that part working but the problem is I've got a lot of AAA entries for exclude. What I want to accomplish (if possible) is to use access-li...
Hi, I am currently using an ASA 5505 with Security Plus License (P/N: ASA5505-SEC-BUN-K9) Appliance. What I am trying to do is create a multiple network and be completely separated from each other and on the inside interface (or network), I want...
Hi, I have 5 usable static IP Address provided by my ISP. I am using an ASA5505 with Security Plus firewall. My question is, can I assign each usable IP Address to a specific VLAN so that when they go out to access the Internet, it will show that t...
Thanks for your reply. Can you have aaa authentication match and aaa authentication exclude on the same configuration? What I was trying to do is use the access-list for the exclusion instead of assigning gazillion of lines of excludes. Thanks for...
JP, So you mean you don't have access to the Firewall configuration? If the answer is yes, then it is a policy that your Administrator set and they need to allow split tunneling so that you can still access the internet while you're connected th...
JP, Without seeing your configuration, it sounds like you son't have split tunneling enabled on your group-policy. Add the following lines on your configuration and if it still doesn't work then post your configuration (masking Public IP Address...
Sorry for the delay. I have modified my access-list to use object-group. Please see the modified configuration and anybody who can recommend maybe a more efficient and secure environment than my current configuration, I'll appreciate it. By the wa...
