Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have an ASA that speaks to a Microsoft LDAP server to authenticate users via phone calls.
It works fine, for both SSH and the ASDM.
However, for the ASDM, only one 2FA call is required to make configuration edits, but for SSH it seems to require ...
I have 2 firewalls, one functions fine, the other hangs when typing some commands that could contain hostnames.
Here are the 2x configs for DNS.
FAST ASA:
ASA-A# show run dns
dns domain-lookup outside
DNS server-group DefaultDNS
name-server...
I have a configuration as follows.
object network INSIDE_NET
subnet 192.168.1.0 255.255.255.0
nat (any,outside) dynamic interface
My question is basically, is there any point to saying "any" on the source interface when the NAT is contained wit...
So..i paid good money for a practice exam ($140 CAD) from what Cisco considers a reputable company. They even sell the exams on their website....
Here is one of the many questionable questions/answers I encountered:
- Which two statements describ...
Attached is an image which shows the topology my question relates to. I have built the exact same topology and configs in my simulator and received the same results, so it's my understanding that this is correct but I am unsure why. To identify the d...
Me too, i have no idea what the issue is. Rekeying succeeds like 90% of the time, but every few days the tunnel will drop during the rekey. Then for anywhere between 15 seconds and 15 minutes, both sides will continually try to rebuild/delete the tun...
That's actually incorrect, it is possible.
The issue im having is that I cannot figure out how to do it using an authentication server.
The above was accomplished by using:
aaa authorization exec LOCAL auto-enable
I would like to be able to ...
No, "any" would not be the nameif of any interfaces.
They would be something like:
inside
outside
dmz
Also, if you tried to name an interface "any", you would get an error.
ERROR: Name "any" is a reserved word and cant be used here
The Successor will fail over to the feasible successor:
192.168.26.9 (Ethernet1/1), from 192.168.26.9, Send flag is 0x0
Composite metric is (29212/3072), Route is Internal
Vector metric:
Minimum bandwidth is 90001 Kbit
Total delay is 30 mic...
