Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hey all,
after I update from 9.1(4) to 9.1(7) I'm not able to access DMZ devices from my internal network.
What are the changes where do I have to look?
Do you need further information?
Thanks in advance.
Hey all,I got the following problem:With the current configuration my PVN clients cannot access the DMZ (inside network is working).When I add the following nat rule: nat (inside,outside) source static any any destination static VPN_pool VPN_poolit w...
Hey all,got the following problem:We got a new ASA 5512 (9.1(2)). Since using the new ASA RDP over VPN is slow as hell. Furthermore we are hosting services for our customers at our local site. The customers access their servies via https and they rep...
Hey all,we got a new ASA (before: pix).After I applied the old nat rules (from pix - manually) I got the follwoing problems:- VPN is working but I cannot ping any internal devices- Accessing the internet is rly slow (dns errors occurs from time to ti...
Hey all,got the following problem at NCS:Upgraded alot of APs with the migration template. One access point remains as an autonomous one (it's a lightweight now).If I try to delete this one I got the error message in the screenshot.What can I do now?...
Oh my gosh - I'm an idiot.
I had my VPN Pool in the same ip address area like my internal network (don't ask why).
Because of the NAT Rules for the vpn the asa routed the packets to the outrside interface. Dunno why it worked with 9.1(4).
Now I updat...
Ok, after I traced icmp the log shows the problem:
ICMP echo request from inside:192.168.111.26 to DMZ:192.168.67.155 ID=1 seq=660 len=32ICMP echo reply from DMZ:192.168.67.155 to outside:192.168.111.172 ID=45 seq=13583 len=32
The reply goes to the ...
Little question till I'm able to update:
Are the follwoing commands enough to prevent the IKE vuln?
no crypto ikev1 enable outside
no crypto ikev2 enable outside
