About Adam Handley

Adam Handley · 08-17-2017

Hi, I am trying to secure a server which is directly connected to a layer 2 switch port. I want to only permit access to the server from specific ip addresses. Example of commands entered are below. Server = 10.10.10.1 Access-list 102 permit ip host ...

Adam Handley · 10-29-2015

Hi, I am trying to firstly upload the new asa951-smp-k8 firmware into the firewall flash so i can upgrade the ASA. My issue is that it fails before it can finish uploading into the flash. I have tried this via TFTP and via the current ASDM but it loo...

Adam Handley · 12-02-2014

Hi, I have a really annoying issue with Natting on a Cisco ASA Firewall. I have an Internal device which needs to talk to a device which is in the DMZ. The routing etc is fine, they can communicate with each other. The issue is, the device in the DMZ...

Adam Handley · 07-29-2014

Hi,I am having issues passing traffic between two ASA firewalls. The VPN tunnel is up with one dynamic IP and one Static IP. I have attached a diagram of the VPN connection. I am unsure where the issue lies and what to check next. I think i have all ...

Adam Handley · 08-17-2017

Great, thanks Grant. Swapping the hosts round has worked. The aim is to secure the server so only a number of devices can connect to it to store their backups. Simplistic design but provides what we require and I don't expect the ACL rules to expand....

Adam Handley · 08-17-2017

Thanks for replying Grant. Yes the server is connected to G0/11 so which port should I be adding the ACL to? I have tried removing the implicit deny just in case that was causing the issues but with it being top down I tested some of the permit ACLs...

Adam Handley · 12-03-2015

Sorry for the late reply. The answer was the upgrade path. I had to go from 8.1 to 8.2 before upgrading to 9.5. Would be nice if the ASA told me that instead of just restarting :). Thanks Adam

Adam Handley · 12-02-2014

Thanks Jouni, really appreciate the help. The Static NAT section at the bottom was the key. (dmz, outside). I was sure i had tried that combination. tried it again and i am now able to get internal and external communication to the device in the DMZ....

Adam Handley · 12-02-2014

#Show run natobject network Sophos_Encrypt nat (Inside,DMZ) static 217.16.11.52This is the one that affects whether i can get internal or external access. If I leave it on (Any, Any) then it allows external access only. If i have it on (Inside, DMZ) ...

Member Since	‎04-13-2013 04:42 AM
Date Last Visited	‎10-11-2017 07:25 AM
Posts	27
Total Helpful Votes Received	5

User Statistics

User Activity

Adding Extended ACL to Port on Cisco 2960G Layer 2 Switch

Unable to upgrade ASA 5512-X Firewall

Denied due to NAT reverse path failure

Unable to pass traffic between ASA Site to Site VPN Tunnel

Great, thanks Grant. Swapping

Thanks for replying Grant.

Sorry for the late reply.

Thanks Jouni, really

#Show run natobject network