Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have two 5520s in active/standby configuration. Do I need to buy VPN licenses for both devices or just the active and they will tranfer to the standby in case of failover?
I want to start blocking traffic based on it's source (e.g. China) and need input as to the best way to do so. I assume that blocking it at the edge router is better than at the firewall but is it better (performance wise) to block it using an ACL o...
Here is the situation...I have an ASA 5520 in single context mode and I need to configure multiple inbound WebVPN portals for different clients. What is the best way to accomplish this? On my outside interface I have a public IP. If I try to add a ...
First I hope this is the right place for this...Anyway, I have a ASA 5520 that we use for both SSL (AnyConnect) and WebVPN VPN access. I have it set up and running smoothly (knock on wood) with several connection profiles and group policies. I am tr...
I have a 4255 that I inherited in my new position and after failing to connect via conventional methods (SSH, telnet, IPS Event Viewer) I connected to the console. No response from the device. I cycled the power on the device and the only thing tha...
Thanks Jorge. I understand filtering at the edge as we already are using ACLs. We allow only certain types of traffic to the outside interface of our firewall but what I want to do is limit where the traffic comes FROM not where it's going to. My q...
Is that the only way to accompish this? For security reasons we do not want clients to be able to see each other, even if only in a drop down menu. Also, we already have multiple group policies and connection profiles set up that are assigned by th...
I have ASAs that I monitor using the ASDM (v. 6.02) Under monitoring, VPN statistics, Sessions you can filter by Remote Access, Site-to-Site, clientless SSL, SSL client or email proxy. Under Site-to-Site there are stats for connection/IP address, pr...
