Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About prateeve
Stats
Member since
01-08-2014
61
Posts
50
Helpful
13
Solutions
02-11-2014
07:30 AM
Hi Kaneswaran, Could you provide with the syslog from standby ASA of the time when reload occurs? - Prateek Verma
... View more
02-05-2014
06:56 AM
Hi Kristian, There is a bug with cisco wherein java 7 update 51 causes the problem with ASDM access. The bug id is CSCum46193. I would suggest you to downgrade to java version to java 7 update 45 and it would work. - Prateek Verma
... View more
02-05-2014
06:53 AM
Hi Peerbasha, Yes, I forgot to mention that, my mistake . - Prateek Verma
... View more
02-04-2014
07:49 AM
Hi Grant, Try to configure following command and then check whether it works or not: fixup protocol icmp Hope this would help - Prateek Verma
... View more
02-04-2014
07:21 AM
Hi Jon, 1. Yes, you need to configure that command , it doesn't matter if the traffic is allowed in ACL as well. 2. Yes, you could still use ACL to control the traffic flow even if that command is present. - Prateek Verma
... View more
02-04-2014
07:10 AM
Hi Jon, It will not check even the access-rule , the packet would get dropped before checking the access-rule as you could see in the packet-tracer output above, but the drop you would see in packet-tracer would be under ACL drop. - Prateek Verma
... View more
02-04-2014
07:00 AM
Hi Jon, No that would not allow the traffic , it would still show drop in packet-tracer under ACL drop. If 2 dfferent interfaces are at same security level then you need inter-interface command and if you need to access anything behind same interface and traffic is going through firewall then you would required same-security-traffic permit intra-interface command. - Prateek Verma
... View more
02-04-2014
06:17 AM
Hi Muhammad, First of all you cannot ping far end interface ip from behind a interface, example if you are behind inside then you could only ping inside interface ip of firewall but would not be able to ping other interface ip's of firewall but you would be able to ping the network behind other interfaces, for that please configure the following command: fixup protocol icmp Secondly, for connecting the IPS in network you could folow the following steps: Please follow the following steps:
1. Point the gateway of the IPS to a Layer 3 interface in the network other than the ASA management nameif IP. This device must support routing between both subnets; for example, 192.0.2.2/24,192.0.2.254. (192.0.2.2 is IPS ip and 192.0.2.254 is ip of vlan on switch)
2. Create a static route on the inside interface of the ASA to point the traffic to the layer 3 interface IP address; for example, route inside 192.0.2.2 255.255.255.255 192.51.100.254.
3. Make sure all ACL and NAT rules apply to the IP address of the IPS management.
In this configuration, the IPS sends requests for Global Correlation updates, License requests, and IPS signature updates to the default gateway (192.0.2.254) and is translated to the outside address. Return traffic is routed back using the inside route and is forwarded to the Layer 3 device that houses an interface in the inside and management networks.
Also please let me know the version of IPS and java which you are using. Hope it will help. - Prateek Verma
... View more
02-04-2014
06:02 AM
Hi Amit, You have to get serial to USB converted to access it. - Prateek Verma
... View more
02-04-2014
05:59 AM
Hi Rizwan, Please try to use the following command and then check, since DMZ and outside interface are both on same security level: same-security-permit traffic inter-interface - Prateek Verma
... View more
01-31-2014
11:57 AM
Hi, As I could see in you show version output the license for 3des is disabled. In order to access ASDM you must have 3des license enabled and ssl encryption should include 3des. - Prateek Verma
... View more
01-30-2014
09:48 AM
Hi, Please send the output of the following commands: Show run asdm Show flash Show run http Show run aaa Show run all ssl Show version The ip from where you are trying to access it and it's behind which interface of firewall as well which java version you have on that machine. - Prateek Verma
... View more
01-29-2014
08:42 AM
Hi Anthony, Since, you must have following command on ASA: aaa authentication http console LOCAL Along with that , there should be a username and password in ASA's local database. So try to configure following command and then check: username cisco password cisco After this try to access ASDM with username and password both cisco and check whether it works or not. - Prateek Verma
... View more
02-11-2014
Hi Kaneswaran,Could you provide with the syslog from standby ASA of the
time when reload occurs?- Pr...
02-05-2014
Hi Kristian,There is a bug with cisco wherein java 7 update 51 causes
the problem with ASDM access. ...
02-04-2014
Hi Grant,Try to configure following command and then check whether it
works or not:fixup protocol ic...
02-04-2014
Hi Jon,1. Yes, you need to configure that command , it doesn't matter if
the traffic is allowed in A...
02-04-2014
Hi Jon,It will not check even the access-rule , the packet would get
dropped before checking the acc...
02-04-2014
Hi Jon,No that would not allow the traffic , it would still show drop in
packet-tracer under ACL dro...
02-04-2014
Hi Rizwan,Please try to use the following command and then check, since
DMZ and outside interface ar...
01-31-2014
Hi,As I could see in you show version output the license for 3des is
disabled. In order to access AS...
01-30-2014
Hi,Please send the output of the following commands:Show run asdmShow
flashShow run httpShow run aaa...
Public Statistics
| Date Registered | 01-08-2014 09:59 AM |
| Date Last Visited | 08-18-2017 04:28 AM |
| Total Messages Posted | 61 |
| Total Helpful Votes Received | 50 |
Helpful Votes From
| User | Helpful Count |
|---|---|
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 5 |
