Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
GreetingsI have created an Extended ACL with the intent of permitting web traffic, SMB from a file server, and RDP from two specific hosts (or at least this is the intent). ICMP is ideally disallowed. The ACL is as follows: Extended IP access list AM...
GreetingsI'm attempting to use an ASA to route two VLANs to an outside interface that uses NAT/Port Forwarding on the outside IP to access several servers within one of the aforementioned VLANs. The following diagram shows the topology. The router...
Greetings,Our ASA's outside interface is connected directly to our ISPs cable modem and has a static IP assignment. Unfortunately, our building is located in an area where the reliability of the ISP isn't high, so losing our connection to the Interne...
GreetingsWe've recently moved from a flat /16 network to a managed network consisting of a few /24's. On the original network, our ASA's inside interface had an IP that was on the /16 and VPN connections were happy. With the managed network, the situ...
Greetings all After reading posts similar to this one: https://community.cisco.com/t5/vpn-and-anyconnect/asa-5505-free-inbuilt-anyconnect-licensing/td-p/3316063, I'm left in the same boat but still having questions. Our 5508-X has a value of 4 for An...
That seems counter-intuitive, but perhaps I'm conceptualizing direction incorrectly. My assumption was that inbound in relation to the VLAN meant sourced outside the VLAN, destined to a target within the VLAN; outbound was sourced inside the VLAN, de...
With the ACL applied, they cannot ping the GW. When the ACL is removed, they can ping it until the cows come home. The static route was a move of desperation that was removed after posting this. It didn't need to be there in hindsight.
As requested, here is the full running configuration. Building configuration...
Current configuration : 46445 bytes
!
! Last configuration change at 11:26:24 EST Fri Jul 26 2019 by dctech
!
version 16.6
no service pad
service timestamps debug dateti...
I had a laptop that was parked on the other end of R1 in the 10.170.2.X/24 subnet that I was attempting to use to hit SRV1 (I believe I set a static IP of 10.170.2.50). I forgot to mention that the gi0/1 IP is the gateway of the 10.170.2.X subnet wit...
