About Cezar Fistik

Cezar Fistik · 11-25-2018

Hi Yuri, If I understood you correctly, I think this configuration should work for what you need, assuming you don't have an access-list on inside of TA-FWL. If you do, adjust it to allow the connection. In summary, this configuration should allow h...

Cezar Fistik · 11-24-2018

But generally speaking I would avoid NAT completely if possible? Can you just add a couple of persistent static routes to those hosts so that they know how to reach each other? This way you can avoid NAT completely and use regular routing for connect...

Cezar Fistik · 11-24-2018

Yuri, When configuring a static NAT in the form '(outside,inside) static interface' you're translating the source IP of your outside host to the IP address of the firewall inside interface. If you want to translate it again on the other firewall, y...

Cezar Fistik · 11-24-2018

Assuming your subordinate CA is configured correctly, did you authenticate it on the router before enrolling? That means, do you have the entire chain of certs on your router, i.e. RootCA -> SubordianteCA?

Cezar Fistik · 11-24-2018

You need to add your PSN host(s) IP addresses to the corresponding SVIs using ip helper command, similar to what you have for your real DHCP servers.

Member Since	‎10-16-2017 12:52 PM
Date Last Visited	‎12-02-2018 08:02 PM
Posts	9
Total Helpful Votes Received	5

User Statistics

User Activity

Re: NAT over inside interface between 2 ASA5506

Re: NAT over inside interface between 2 ASA5506

Re: NAT over inside interface between 2 ASA5506

Re: Standalone CA and Subordinate CA Error

Re: Automatic Profiling of endpoints