Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
IntroductionDynamic PAT Example Output:Static NAT Example Output:Dynamic NAT Example Output: IntroductionTo put it simply, the idle timer in the conn output shows the time since the last packet. The idle timer in the xlate shows the time sinc...
Question: Why is there both NAT and PAT entries in the xlate table for the same local IP address? This write-up will focus on ASA and ASASM version 8.3 and above. It does NOT focus on similar behavior in version 8.2 or before, or the FWSM.Short Answe...
IntroductionThis is a basic configuration example of Transparent Mode configuration on an ASA 5505. This configuration is only valid in version 8.4 and later since it utilizes bridge-groups.Configuration Exampleinterface Ethernet0/0 switchport acces...
Version 8.2.3 and 8.3.2Version 8.4.1Related Documents There have been several issues with SSH failing to the ASA. Below are the most common issues we see. They are documented along with the version which contains the fix. Version 8.2.3 and 8.3.2 The...
Your netmask is wrong for your 10.0.0.0/8. I would not worry about port/protocol either since that can screw you up. A better way to do it would be to deny all IP vpn traffic.ip access-list extended NAT-Outbound deny ip 10.160.8.0 0.0.0.0.255 10.0.0....
I believe this was resolved at the time. If you have a specific concern about a false positive, go ahead and open a case with TAC. They will need to review the website(s) and change the classification. Regards,Brendan
I haven't heard anything about the ASA implementing this for local passwords. The best avenue for feature enhancement requests is through your Cisco Account Team. If you don't have an account team, your Partner should help to put you in touch with th...
A little late to the game here, but this feature is actually implemented in IOS. See below.IOS Security Command Reference - aaa password restriction http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_a2.html#wp1080825 Product Security...
Once you enable asdm history, the asa will start to keep some historical metrics in ram. If you choose a graph from the monitoring tab, there will be several historical view options.Ex:- Go to: Monitoring > Interface Graphs > Outside- Add one of the ...
