Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
For weeks I have been trying to figure out how to get packet captures off an an ASA before the buffer is full or overwritten. It always seems like I was too late go get the capture I wanted manually so here is what I came up with. I hope this helps...
I was wondering if the AIP-SSM module on a ASA 5510 or 5540 can authenticate users against a Tacacs+ server? If so can you configure it so you can use ssh to login on to the device with authentication through Tacacs+?I have my ASA set up so I can ss...
I am getting a larger range of IPs from my ISP. Unfortunately, they are not within the range that I have now but they will be coming in from the same T1 connection.I have numerous statically maped address to web and ftp servers. I can't statically ...
Trying to configure a FWSM for the first time. I would like to have my DMZ accessible by both a static NAT and its local IP. Can't seem to figure it out.I know I will need to disable icmp before I go into production but here is my context configura...
Hi,I am trying to set up a FWSM on a CAT 6509 and I can't seem to get some of the interfaces to ping. Within my context I have:fixup protocol icmpfixup protocol icmp errorand within my access lists I have:access-list INSIDE extended permit ip any an...
Thanks, I appreciate the compliment. And I did submit that. For others who might want to submit their great idea as a Tech Tip here is the link:http://www.cisco.com/warp/public/437/readertips/index.htmlRegards,Brian
Thanks, for that response. But, how would you configure that? I don't seem to be able to get it working. I am trying to connect from the 172.30.4.0 network. And, I can ssh to other devices in the 172.30.8.0 network. This is my testing AIP-SSM co...
Thanks for the response. I did manage to talk with a Cisco engineer on this and they confirmed what you are saying.In addition they said that you can only ssh into the module from the local subnet that the AIP-SSM interface is configured on.Interest...
Thanks.That command won't work excatly like it is written because I don't have an "msfc" interface defined. But, I do have "inside" and "outside" interfaces defined. So, I enteredicmp permit any insideicmp permit any outsidein my context configurat...
