Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
In my searching, I've seen lots of discussion about using Mindterm as an alternative to JTA as an ssh/telnet plugin, but I haven't seen anyone that's actually implemented it. Being unfamiliar with java I've spent some time mucking about and managed t...
ASASM, version 8.5. This common log message has a new reason for closing: 2011-11-09T07:54:53.933532-05:00 rich-870-fw.gatech.edu %ASA-6-302014: Teardown TCP connection 1139092077 for outside:130.207.172.30/47434 to inside:130.207.243.143/1521 durati...
I only have this particular context monitoring in this case, but if it was set to drop blacklisted packets it would be dropping all of our DNS traffic from our campus DNS servers to *.akadns.org, which seems to be an Akamai DNS infrastructure.FYI. I ...
I've got a problem where I'm adding an ASA5580 as a device to MARS. Unfortunately, it thinks one of the contexts on the device is already in its database, with the same hostname. I've searched and I can find no other devices that share the hostname, ...
Yes, you can only run one module at a time (such as an IPS). The Botnet Traffic Filter runs on the ASA itself though, and is worth the money in my opinion. So in our case we run both an IPS module and the BTF on the ASA in our 5585-x pair. Graham
We have a pretty huge ASA and ASASM complex, and we are just about finished upgrading from an assortment of 8.4.x, 8.5.x, and 8.6.x installs to 9.1.3 on everything. There is one gotcha on some systems in that there is a file system change or some sor...
Yeah, you have to behave as if these are two totally independent devices and configure and manage them seperately. There are a few settings that you can push out to both with IME but I'm not sure it's worth the trouble as there is still a _lot_ that ...
What Karsten said. Since 9.x is not released for the ASASM (it's referred to in documents but it's not available to download on the ASASM page), I probably would stick with the 8.5(1.7+) train for now.
We had this problem as well. Here is the policy I put in place on an ASA running 8.4(x). (edited out some specifics though). access-list x-sip-limit extended permit udp any any range sip 5070 access-list x-sip-limit extended permit udp any range sip ...
