Hello,I setup both a physical lab and a virtual one using GNS3. I created a simple topology; 3 routers(rt1, rt2, and rt3). RT2 is the hub which has 2 WICs and each WIC is linked to the the other routers(rt1 and rt3). See attached diag. I configured O...
Hello, I followed the listed instructions to recover the password for an ASA and after rebooting the ASA I get the rommon #0> prompt.I was wondering if the below procedure is the correct one or if I am doing something wrong. Thanks for you assistan...
Hello, This should be a simple question but I wanted to verify first before I made the changes on the ASA. I'm trying to deny the following range or IPs (10.2.1.201-10.2.1.206) from accessing the Internet. So, I created teh following acl:access-list ...
Hello, I configured 4 port channels with mtu size 9000. The VM engineers requested me to configre the same mtu size on the vlans assiged to those 4 port channels. I wasn't sure if I needed to configure the MTUs on the VLANs since I already configured...
Hello ASA experts, If you caught a syn flooding attacks against your ASA, what is the best approach to mitigate/prevent that from occuring? Also, what is the best method to monitor such attacks? Best, ~sK
I found the solution. The reason why the asa would go back to the rommon is because the config-register needed to be set back to the default. I issued the following command, saved the config, and reloaded. That was successful.CLE_ASA(config)# no conf...
Thanks for the quick response. So, I changed the range to deny 14 IP addresses (10.2.1.240 - 10.2.1.254). The acl statement I'll apply isaccess-list acl_lib_pub extended dny ip 10.253.1.240 255.255.255.240 anyWill this do the trick?Best, ~sK
Thanks for the response! That's exactaly what we did; however, we enabled the scanning thread detection and implemented a threat-detection policy to shun any suspecious attacker. We use Whatsup Gold and do have all of our ASAs monitored but don't ha...
Sorry if my description of the problem was unclear. I simply wanted to find out if transferring large files between two FTP servers in dispersed locations is more efficient via a site-to-site VPN tunnel or not? I'd appreciate it if someon has any in...
