Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am working with an ASA 5520 with a SPAM appliance located within the DMZ. Not all smtp connections are being corrupted by the inspect esmtp setting, just a few. It was discovered that those few sites that are connecting to the SPAM appliance trav...
Hi,I have a need to create a user account on our ASA (8.x code) device but only allow them read access; particularly, view the overall config and interface statistics.I have tested with an account, but my attempts at setting the privilege level seem ...
Is it possible on an ASA to "split" the interfaces (e0/0 - e0/1 *** e0/2 - e0/3) to behave in such a way as to work as separate ASA's?Objective (2 separate functions)--------------------------------Function 1e0/0 - Outside Interface - ISPe0/1 - Insid...
I have an ASA 5510 (8.2.1 code). I am setting up two separat IPSec tunnels to remote networks, but each remote connection to a respective ASA interface.Question: I know that the e0/0 ("outside") interface's security level is 0. However, does the ...
In the PIX 6.x code, one could type the following: sho crypto mapand recieve output like: Current peer: 192.168.0.1 Security association lifetime: 4608000 kilobytes/28800 seconds PFS (Y/N): N Transform sets={ cisco, }question: How does one view the...
Yes - that is correct.I have tested different types of traffic and access to our devices on each respective end of the tunnel and all appears to be working well.If this is no cause for alarm, then I feel we can move forward with our schedule implemen...
I am excluding:Nat (inside2) 0 access-list 101-----------------------------------------The output:ASA# sho crypto ipsec sa | i ident|encaps|decaps local ident (addr/mask/prot/port): (172.x.x.0/255.255.255.0/0/0) remote ident (addr/mask/prot...
Correct - I finally have the routing configured, but I do not see the ACL incrementing on the ASA side (that is, the acl for the allowed tunnel traffic).I see it increment at the main site PIX, but it is very strange that the acl on the ASA does not ...
