Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
IntroductionThe videos below provide a basic overview for enabling port forwarding to allow access to a DMZ server through a Cisco ASA in the 8.3 and 8.4 software versions. Depending on your preference, the videos will demonstrate the configuration i...
IntroductionExamplesExample A - Normal FlowExample B - Multiple Internet PathsExample C - Active/Active FailoverDiagnosing/TroubleshootingPacket CapturesSyslogsMitigationRouting configurationASR GroupsTCP State BypassSummaryRelated Information Introd...
Hi Paul,1) The ASA doesn't enforce any restrictions on the number of VMs on the inside. The data sheet provides some guidance on the scalability of a single ASA 1000V instance (again, you can simply deploy multiple ASA 1000Vs if the environment requi...
Hi Paul,It's true that the ASA 1000V's inside interface needs to protect 1 subnet, but this doesn't mean you're limited to a single set of policies (or a logical zone) because of the security-profile interfaces that we discussed.Imagine a subnet that...
Hi Brian,Unfortunately, this is by design in the current ASA failover and SNMP implementation. There is an enhancement request filed to change this behavior but it has not been implemented yet:CSCtl88556 - ASA5520 failover pair has duplicate snmp v3 ...
Hi Mel,Are the interfaces between CONTEXT_1 and CONTEXT_2 on the same VLAN? If so, this could be related to:CSCtw82050 - FWSM: FTP inspection breaks data channel sourced from another contextAssuming you're not using NAT for the FTP client or server, ...
