About smetieh001

smetieh001 · 03-05-2015

Hi I have set up clustering on 2 ASA 5555-x firewalls and just saw on the cisco site that SIP inspection is not supported. My organization provides a voip solution that requires SIP. Does anyone know a work around for SIP on an ASA cluster?I look for...

smetieh001 · 12-12-2013

Can someone help with the currect packet-tracer command for l2l ipsec vpnon ASA (a) ciscoasa# packet-tracer input Outside tcp 10.10.1.2 12345 192.168.1.2 80 ASA (a)Inside ip address - 192.168.1.2Destination port 80ASA (b) Inside ip address - 10.10....

smetieh001 · 10-23-2013

Hi Experts,Syslog is only showing me hit messages on access-list denying inbound traffic from external (i.e. internet) on outside interface but does not show deny hits from inside traffic going out to any smtp.i can see increamental hitcounts when i ...

smetieh001 · 10-07-2013

Hello Experts,I have a question about adding 2 new sub-interfaces to my firewall on active/standby config.If i add a new sub-interface to an active firewall with existing sub-interface, do i need to add thesame sub-interface config to the standby als...

smetieh001 · 09-26-2013

Hi Experts,We are changing our IPS (aip-ssm10) mode of operation from promiscous to Inline mode. Is there any caveats or anything i need to take into consideration before doing the switch? Is there a possibility to roll back incase something doesn't ...

smetieh001 · 03-06-2015

Hi Rizwan,Thanks for your response. Cisco documentation specifically says SIP inspection is not supported in ASA cluster. When i tried see the error message i got. ASA-1(config)# policy-map global_policyASA-1(config-pmap)# class inspection_defaultAS...

smetieh001 · 03-05-2015

Thanks kanwal for your response. We currently have active/standby configuration and wanted to take advantage of increased throughput on the cluster configuration. That may be my last option if i can't get the asa clustering to pass SIP traffic.

smetieh001 · 12-13-2013

Thanks jouni. Could you rewrite the above command using your suggestion, just to be clear. Thanks

smetieh001 · 12-13-2013

My question is that, can i use the above packet tracer command to confirm connectivity between two ends of a site-to-site vpn tunnel? Someone please respond...

smetieh001 · 12-12-2013

If vpn setup is on ASA then I guess what your vendor is asking for is the IP of your Outside interface of your ASA (which is a most likely a public IP or ISP given IP). You do not require a NAT since it probably exists if your internal IP (i assume 1...

Member Since	‎02-12-2009 12:56 PM
Date Last Visited	‎08-18-2017 04:27 AM
Posts	64
Total Helpful Votes Received	5

User Statistics

User Activity

SIP inspection on ASA cluster

Packet-Tracer for l2l vpn

Help Syslog

Adding sub-interfaces to a active/standby config

Changing IPS from promiscous mode to Inline mode

Hi Rizwan,Thanks for your

Thanks kanwal for your

Packet-Tracer for l2l vpn

Packet-Tracer for l2l vpn

Ipsec tunnel + NAT