Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello there,We are trying to connect to an anyconnect instance through an RDP session. We have no difficulty connecting, but once we do the RDP session is terminated. This makes sense in theory, but is there any way to avoid this? Enabling split-t...
Hello Support,Probably an easy question and may be buried within these forums (but I can't find it). I'm attempting to replace a 5510 with another 5510 and having all sorts of difficulty. Devices the PAT against the outside interface have no problem...
Hello World,I'm receiving an error when trying to access a web server behind from one subinterface to another subinterface on an ASA access the public IP. I'm getting the following: Global Static NATDeny IP spoof ...
Hello Folks,Is there an elegant way to perform QoS/Shaping/Policing on traffic entering a network through a firewall via Public IP?Let say I want to throttle traffic coming from 8.8.8.8 into my network, could this be done?Thanks!
Hello All,I'm so accustomed to < 8.3 and am having great difficulty getting an environment working properly so I'm now going to leverage the Cisco community!We are setting up a network with customers behind a pair of 5510s. All of these customers wi...
Journi,Another question is why would this not affect devices behind the firewall that were patting against the global interface? Why would this solely affect static NATs?
Hello Journi,We did clear the ARP tables on the switches behind the firewall and even rebooted them. I didn't clear the ARP table on the new firewall, but would we have to? Hard coding the MAC is definitely an option, but you wouldn't think swappi...
Journi,As always, thanks for the quick reply. We have no access to the upstream device. We have two firewalls. The old one is running 7.2 and the new one is running 8.2. We are trying to migrate to the new one and update the old without downtime...
Journi,No real elegant NAT configuration on the firewall. Just a dynamic NAT on the subinterfaces. Version 8.2.5. The subinterface has the following NAT config:nat (Customer11) 1 0.0.0.0 0.0.0.0nat-controlglobal (Outside) 1 interface
Thanks so much for the thorough answer Jouni.I guess I'm just surprised that there isn't a more elegant solution than creating a huge ACL for each subinterface. Just curious that because we'd be applying the ACL to each subinterface, wouldn't we ha...
