About brquinn

brquinn · 01-16-2012

IntroductionDynamic PAT Example Output:Static NAT Example Output:Dynamic NAT Example Output: IntroductionTo put it simply, the idle timer in the conn output shows the time since the last packet. The idle timer in the xlate shows the time sinc...

brquinn · 01-09-2012

Question: Why is there both NAT and PAT entries in the xlate table for the same local IP address? This write-up will focus on ASA and ASASM version 8.3 and above. It does NOT focus on similar behavior in version 8.2 or before, or the FWSM.Short Answe...

brquinn · 12-05-2011

IntroductionThis is a basic configuration example of Transparent Mode configuration on an ASA 5505. This configuration is only valid in version 8.4 and later since it utilizes bridge-groups.Configuration Exampleinterface Ethernet0/0 switchport acces...

brquinn · 05-11-2011

Version 8.2.3 and 8.3.2Version 8.4.1Related Documents There have been several issues with SSH failing to the ASA. Below are the most common issues we see. They are documented along with the version which contains the fix. Version 8.2.3 and 8.3.2 The...

brquinn · 05-02-2011

Quick and dirty ROMMON recovery procedure for the ASA 5505.

brquinn · 03-05-2014

Your netmask is wrong for your 10.0.0.0/8. I would not worry about port/protocol either since that can screw you up. A better way to do it would be to deny all IP vpn traffic.ip access-list extended NAT-Outbound deny ip 10.160.8.0 0.0.0.0.255 10.0.0....

brquinn · 05-16-2013

I believe this was resolved at the time. If you have a specific concern about a false positive, go ahead and open a case with TAC. They will need to review the website(s) and change the classification. Regards,Brendan

brquinn · 01-13-2012

I haven't heard anything about the ASA implementing this for local passwords. The best avenue for feature enhancement requests is through your Cisco Account Team. If you don't have an account team, your Partner should help to put you in touch with th...

brquinn · 01-13-2012

A little late to the game here, but this feature is actually implemented in IOS. See below.IOS Security Command Reference - aaa password restriction http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_a2.html#wp1080825 Product Security...

brquinn · 09-27-2011

Once you enable asdm history, the asa will start to keep some historical metrics in ram. If you choose a graph from the monitoring tab, there will be several historical view options.Ex:- Go to: Monitoring > Interface Graphs > Outside- Add one of the ...

Member Since	‎03-05-2007 07:25 AM
Date Last Visited	‎09-17-2018 07:18 PM
Posts	143
Total Helpful Votes Received	102

User Statistics

User Activity

Understanding xlate and conn idle and timeout values through example

Why is there both NAT and PAT entries in the xlate table for the same local IP address?

ASA 5505 8.4 Transparent Mode Configuration Example

Known issues with SSH on the ASA

ASA 5505 ROMMON Recovery

Traffic Split Between Static NAT and VPN

ASA botnet filter, akadns.org false positive?

Enforce password complexity for local users

Enforce password complexity for local users

ASDM Help. History Veiwing