Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have several NAT statements pointing External to Internal on an ASA. When I do a packet-tracer, it appears that everything is working, but I can't get to it via the IP...The command I ran was this:#packet-tracer input outside icmp [MY IP] 0 8 [Ext...
I moved a configuration from an ASA 5510 to a 5512, and in the process, went from version 8.4 to 9.0 of the IOS software. When we hook the firewall up, I can get to it from SSH, or from the outside, but a number of the NATS don't appear to be up, VP...
I moved a configuration file from a 5510 to a 5512, and upgraded from 8.4 to 9.0.3 IOS version.The configs look identical, I put the cert back, but it doesn't want to allow VPN to connect. There are several new lines of code that arrived with the ne...
I inherited an issue on a production firewall, pertaining to a new FTP rule they put in. The config is a bit out of order from what I’d normally do, I’m guessing due to being put in by GUI and not CLI. Here is what is pertaining to the FTP, I belie...
It ended up being routing on the core switch. I had thought they were routing to an interface that existed on their core for the default route, but instead, they were routing to a separate router for an MPLS connection that hosted like 5 of their 20...
Thanks for the reply. The ACLs are exactly the same on both ASAs, except the IPs are changed. That's why I'm thinking a routing problem. I'm speculating that perhaps the ICMP is returning to the current ASA on the out-route, rather than my new one...
I went from 8.6 to 9.0 on the new ASA, but stupidly didn't even think twice about dropping an 8.4(2) config on the new 9.0(3) firewall. I verified my upgrade path but didn't even think about where the config was coming from.Could that be causing my ...
I'll check that tomorrow. It didn't convert the file though, I pasted it from one ASA to the other, then went through line by line to make sure it was the same.Only differences were that the Cert didn't carry over, I had to reinput that (which again...
