Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all,I am trying to establish a VPN connection from our on-premises rack to our Amazon VPC. The router/firewall that we have is a Cisco ASA 5505 running software version 9.1(7)23. According to Amazon's documentation, the 5505 is tested to work s...
Hello,
Our ASA 5505 is nearly constantly logging the following event over and over again:
<162>Sep 01 2018 19:36:55: %ASA-2-106016: Deny IP spoof from (xxx.xx.xx.104) to xxx.xx.xx.5 on interface outside
In that event, the first IP address is the ...
Hello all!Currently, we have a single Cisco ASA 5505 device protecting our network. It has an Unlimited User Base (non-Security Plus) license.We would like to add an additional ASA 5505 device for redundancy, in an Active/Standby failover configurati...
AJ,
I will give that a try. In the meantime, here is the ASA config file, appropriately sanitized. Don't say that I didn't warn you it was a monstrosity.
: Saved
:
: Serial Number: xxxx
: Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
:
AS...
AJ,
I will try to "sanitize" the config file. Our config is rather large and complex -- probably unnecessarily so. But I will do my best and try to get it posted.
In the meantime, I wanted to share a couple of screenshots from the graphical ASDM ...
AJ,
I have set up the capture as you suggested, using the public IP address of the outside interface and the public IP address of the web server.
However, although the ASA continues to log the error messages, the captures are remaining empty, sho...
AJ,
Well, I must admit to getting more confused...
I did what you suggested, doing the capture on the 'inside' interface as that is the one that should be the gateway for any traffic originating from inside our network. I even tried to hit the ...
AJ,
What you said makes total sense. But the only machines on this network are our various servers and management machines. We do not have users on the network regularly accessing the web sites and so forth. So if something is attempting to hit the...
