Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I recently updated ASA 5510 from V8.0 to V9.1. In 8.0 I had elevated the severity of event 302013 so ASA sent it to syslog. It gave me inside and outside IP addresses of every TCP connection. When the IPS called, said an inside user was infected a...
Our ASA 5510 was configured with a public interface, a DMZ interface, and a private interface. I have a remote access VPN using AnyConnect client and LDAP authentication for Active Directory. We are changing ISP (groan!), which means all new publ...
Cisco ASA 5510 ASA 8.0(4) ASDM 6.1(5), with inside, outside, and DMZ interfaces. An inside host is dynamically NATted to the outside to browse. I've added an inside router with 2 ethernet interaces, to work with subnetting the inside network. A ho...
ASA5510, ASA 8.0(4), ASDM 6.1(5), this is a productino ASA with plenty of lookups working through its 3 interfaces - outside, inside, dmz. The problem is a new use. I've segmented a switch on the inside network with a VLAN, and have a workstation r...
My ASA 5510 inside interface is the default gateway for my inside network. A couple of routers to vendor-supplied leased lines, also with inside network interfaces, need routes. I try to define them on the ASA rather than define them on all hosts t...
The ASDM syslog info showed ID 302013 still set to Errors, not disabled. But a sho run log showed:no logging message 106015no logging message 313001no logging message 313008no logging message 106023no logging message 710003no logging message 302015...
To tack on thoughts from my further research, it looks like maybe a no. Traffic from remote access client arrives from a random public IP address, so traffic back to the client must take the default route. That would rule out making both interface...
Long interruption, sorry. I did enable proxyarp again. Now I'm back to my 'inspect-dns-invalid-pak' errors. I think at this point my plan is to be sure I have an inside router being my default gateway. I'll let it do the inside work, and let my ...
I used 10.1.5.90 as the mapped address My Test PC has 10.1.5.90 as DNS Server.I try to do a nslookup, it gets "Can't find server name for address 10.1.5.90"I'm running Wireshark monitoring the switch port that is the network inside interface, 10.1.8....
Yes. I've spent my time with the ASDM, not enought with the command line, I'd confused Static NAT and static route. The NAT entry is in OK, but the global command gives me:
