About Eric Washington

Eric Washington · 05-21-2014

We have an HA pair using 5510s version 8.4(5). The secondary unit is currently active because the primary has an issue. When we replaced the primary (we didn't failover yet) users reported issues with several services including webmail. The time peop...

Eric Washington · 08-06-2013

We've pointed all of our devices from ACS 4.1 to 5.3 and I see under Authentication Options > Radius > CoA port is 1700 by default. Should I change this to 1812?

Eric Washington · 07-29-2013

Last week I disabled several rules on our ASA because the rules had 0 hits. Well one of the rules needed to be re-enabled to allow a department access to an application. It works after re-enabling the rule, but I don't understand why am I not seeing...

Eric Washington · 07-16-2013

I'm going some cleanup of our ASA firewall access rules and I want to delete the rules that have 0 hits. But I do not know how to check when the counters were last cleared on these rules. Please help!Thanks in advance!

Eric Washington · 06-12-2013

I was asked to create rules with the following TCP ports: 41000, 41002, 41025. Since these ports did not exists, I just created new TCP service objects. The issue is I put the those ports as source port/range and destination port/range in the Add Se...

Eric Washington · 08-07-2013

I'm using ACS 5.3 and when I check Radius I see the default CoA port is 1700. So I should just leave the default?

Eric Washington · 07-29-2013

Thanks again Jouni!I know how to remove the host from the rule - that isn't the issue. I want to know if that host that isn't receiving hits the reason that the entire rule doesn't show hits in ASDM.So basically if I remove that one address that ends...

Eric Washington · 07-29-2013

Here is the ruleWHQ-ASA-01/pri/act# sh access-list | i inside_access_in line 205access-list inside_access_in line 205 extended permit object https any object-group DM_INLINE_NETWORK_60 0xcfce8697 access-list inside_access_in line 205 extended permit...

Eric Washington · 07-29-2013

I just figured it out as you posted this haha. Thanks Jouni!Is it possible that the rule doesn't show any hits because of the destination ip's doesn't have any? Here is my output from CLI:WHQ-ASA-01/pri/act# sh access-list | i 153.69.200.107 access-...

Eric Washington · 07-29-2013

I went into ASDM, right clicked on the rule, and started the packet trace.I get green check marks for capture, access-list, and route-lookup. The result is the packet is dropped with info saying: (sp-security-failed) Slowpath security checks failed

Member Since	‎04-23-2013 08:27 AM
Date Last Visited	‎08-18-2017 04:01 AM
Posts	23

User Statistics

User Activity

Problem after ASA replacement

should i leave default acs CoA port?

0 hits on access rule in use

Check when hit counter was last cleared

Service object creation

Re: should i leave default acs CoA port?

0 hits on access rule in use

0 hits on access rule in use

0 hits on access rule in use

0 hits on access rule in use