Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Our ASA VPN clients are connecting and everything is working fine except that a large number of users are using two DNS servers that I want to decommission. While the ASA access-list allows the DNS traffic, neither one is configured to hand them out...
I am trying to lock down the VLANs where our CCMs are located and did a trace of login/logout via EM service.After a few logins, the resulting trace showed that the phone was comunicating with CCM via a destination UDP port range. So far I've identi...
I have an application where I need to restrict inside users going to particular PIX port but do not want to restrict network management users. For the sake of the example, the 172.16 subnet is the main user community and the 172.31 subnet is the net...
We have several users that occasionally work from home so we configured Extension Mobility so they can login at home. In addition, we configured the auto logout feature for a really long period because I don't know what happens when the timer expire...
I got some very interesting results. I hard coded my DNS servers on my LAN interface and connected via the VPN. I then tried various methods of overriding the VPN DNS configuration and was not successful.Interesting to me was that I changed the des...
Ah ha! That might align with a theory of mine. We do and always have had the two correct DNS servers configured in the default policy which I understand will be used by every other policy that doesn't have an explicit configuration for other server...
Thanks and that's the conclusion I have come to after looking at the configuration. However I am hesitant to block it until I understand it as these are very important users and I don't want to be the guy to cause them any problems.Just to clarify, ...
Luis,I thought I replied to this the other day but I guess it didn't take. My response was that I'm aware of this document but it doesn't mention anything about the UDP range of ports I saw in the trace. I'm implementing the ACL tommorrow morning a...
