Cisco Firewall :: 5540 Http Failed To Send Data To Server
May 7, 2012
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console) server (SERVER B).These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials, after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console)server(SERVER B). These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials,after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.Where do you think is the problem?
We have backup data center where I am now planning to provide backup internet service ( in the case where there is internet down or power outage at main server room) . I have a pair of Cisco ASA's 5540, one of which I need to move to backup data center ( BDC), Presently I have ADSL router at disaster serve room with static public IP from ISP.
Currently, I am publishing all my internal resources through ASA. Now my questions, if I move Standby ASA to Disaster Server Room. How I can publish the same internal resources through standby ASA and make it standby as active during the down time of main server room
We have Cisco ASA 5505 with ASDM 5.2 We have one Proxy server in our Local Lab and pointed to Hosted service(Simple Signal)issue is, When our proxy server send register to hosted server, ASA change private IP and post with outside IP and src port as 1063 every time.
Here is debug log on real time monitoring.
Aug 24 2011 05:21:19 302015 203.xxx.xxx.226 192.168.1.51 Built outbound UDP connection 3774 for outside:203.xxx.xxx.226/5060 (203.xxx.xxx.226/5060) to inside:192.168.1.51/27014 (99.119.161.107/1142) Aug 24 2011 05:21:19 607001 203.xxx.xxx.226 Pre- allocate SIP Via UDP secondary channel for inside:192.168.1.51/27014 to outside:203.xxx.xxx.226 from REGISTER message Aug 24 2011 05:21:19 710005 203.xxx.xxx.226 99.xxx.xxx.107 UDP request discarded from 203.xxx.xxx.226/5060 to outside:99.xxx.xxx.107/1063
Here 99.xxx.xxx.107 is Our ASA Outside IP address 203.xxx.xxx.226 is Hosted server IP address. My ASA config is attached.
I just upgraded my ASA 5585 cluster from 8.2 to 8.4. I also upgraded the asdm .bin from 6.35 to 6.43. after rebooter the cluster, I try to access it with ASDM installed on my computer but it blocked at 17%.I tried to access [URL] but I just an error (with IE & FF) [code] What did I miss in the ocnfiguration ? I precise that I never used the http page, I already had the ASDM installed from another ASA.
on ASA 5540 , i configured the logging setup as following :
log in to the internal buffer : buffer size 1048576 bytes
Then i save the buffer to FTP server to save the log messages in continuously way everything was working fine but suddenly sending the ftp traffic to FTP traffic has stopped suddenly before in the live log viewer it was showing when ASA throws the ftp traffic to the ftp server but this stopped suddenly nothing has changed in the ftp server setting (same username and password and the connectivity is there) sending logging traffic to the ftp server came back just when i reboot the ASA.but this is not solution.
I'm looking fot a way to do static URL blocking with ASA and when the URL is blocked present a "Web Page" to the user saying that it's been blocked.
So, i was wondering if i can use the http parameter "spoof server string" to replace the original URL sent by the user for another URL that points to an internal web server holding a basic page saying "Your URL request has been blocked".
The point is to have a way to tell users that the page they are trying to browse is blocked by a policy.
I have an ASA 5505 that I am using to connect my contractors to via an inside interface, the outside interface is my private LAN. I have setup on our corporate Proxy server to allow traffic from my outside interface of my ASA to go to the internet without credentials BUT log internet activity. The question is I want to know if the ASA can send that http & https traffic to my proxy server and all other traffic to my default route? I want to be able to send all internet traffic to my proxy server. This will avoid me asking the contractors to place proxy credentials in their browsers.
When ever I create a network object in ASDM 6.0(3) the UI also wants to send the command 'asdm location (network object IP address)' to the device.What is the purpose of 'asdm locaction ....'? Is it telling the ASA-5540 that the IP address is allowed to connect to the device using ASDM?If that is the case why does 'asdm location xxx.xxx.xxx.xxx'get denerated for every network object I create?
We've deployed WebVPN on Cisco ASA 5540 and its working fine with no trouble in relation to connectivity. My Anyconnect VPN users are able to download the client and connect to our corporate network.However, sometimes when I try to connect after entering the credentials it keeps saying Login failed.
I am testing out some inspection options on an ASA 5505, and I am running into a situation in which applying a http inspection is dropping all outbound http traffic. I get a "protocol violation" error in the logs.
Here is the setup: I'm not sure why the web traffic is getting dropped.
policy-map type inspect dns preset_dns_map parameters message-length maximum client auto
How does a device attached to a Cisco IP Phone send data to the switch?a. As tagged (using the voice VLAN)b. As untaggedc. As tagged (using the data VLAN)d. As tagged (using the CoS value)The correct question is A in the book though it said that tagging is switch process PC's doesn't tag frames.
Packet Sniffing is mainly used on non-switched networks to display data that was supposed to be sent to nodes other than yourself, allowing you to see information such as usernames and passwords etc.My question is, why can this technology not be used as easily on a switched network? When nodes send data through a switch does it become encrypted?
I have a virtualization server with 4 network interfaces and connected it to a SAN. There are few virtual machines which writes data to the SAN.
I want to connect to the SAN with multiple interfaces to speed up the network.
Is it possible to send data on multiple interfaces? How can I configure it?
Computers are connected to san through switch. SAN: Equallogic PS 4100 E Switch: Dell Power Connect Computer: Dell T610 OS: Centos 5 Virtualization: Kvm NIC: 8
I have a little problem with my ASA 5510 version 8.2(1) with a IAS server RADIUS for strong authentication.
I have configured a double authentication for my client to access SSL portal:
First authentication: AD serverSecondary authentication: IAS for my token SAFENET ALADDIN The server IAS is declared on a W2K3 and it's standard.
The problem I have is that after more than 24hours of unutilization, when i try to log in, my authentication failed the first time and then the other tries work fine as long as I use it in a period of 24hours.
I first thought about the timeout so i tried to put a "timeout" of 15seconds for AD and IAS servers and a "retry intervall" of 3 seconds, it doesn't change much.
Is there a tool/option in the ASA to check connectivity with the radius every 1h for example.
We have ASA 5520 as SSL VPN concentrator so users can access internal web from outside. Our internal web also has several internet URL. What we want is when user click internet URL in our internal web, ASA forward those request to internal proxy server. I already config proxy using port 8080 and username "companyuser" and password, but always have authentication failed on ssl vpn browser. We uses forefront TMG as proxy. Username and password have right to access Internet.
Cisco 2951 w/ HWIC-4ESW IOS 15.0(1)M5 #sh ip flow int Vlan533 ip flow ingress ip flow egress #
The SVI sends the flow data just fine, however I also continue to receive flow data from most other interfaces.
I have attached a screenshot of one of our netflow collectors indicating that many of the interfaces are sending flow data even though not configured to do so. We have two different netflow collectors, from different vendors and both confirm the same interfaces sending flow data.
Normally I wouldn't care and ignore it, however one of them uses a license limit by interface and is a bit problematic.
I have a problem with the User Tracking and Data Collection on LMS 4.0.1 . I think It crashes every time or freezes. I Have this error if I lunch UT Acquisition :
Failed to start acquisition: Construction of XML data required for UT IS in progress. Please try After Some Time.When scheduling a CM data collection, I have this error: Data collection IS Already in progress.
I detected an error in ani.log line 12266: Exception in thread "Discovery" java.lang.AbstractMethodError: com. cisco. nm. ani. server. topo. Port Channel.portIfIndex ()
I successfully changed the name of the CiscoWorks server last week with the tool hostnamechange.pl.
So i have a dell latitude e6400 laptop running windows XP. Now whenever I connect to my home wireless network, it will connect fine but randomly it will stop sending or receiving data. Therefore i cannot connect to any websites and i get a connection error. I check my connection though and it is running through an excellent connection.
I have a question its posible to authenticate an cisco phone and PC with the same vlan(voice and data)when i do this configuratión , the phone and pc dont work. The phone display registering and never finished.interface FastEthernet0/5 switchport mode access switchport voice vlan 1 authentication event fail action authorize vlan 11 authentication event no-response action authorize vlan 11 authentication host-mode multi-domain authentication port-control auto authentication periodic authentication violation protect mab dot1x pae authenticator dot1x timeout tx-period 10 dot1x max-reauth-req 3 spanning-tree portfastend.
When i tried to play back my video this error message appear:
Get data from database failed.i have a few date in my database. I can only playback the video for half of them which is the older one.How to repair them?
i had done inter-vlan routing , attached a DNS server to that network, i didn knw how to config a server to act as http??? so that i can view webpages forn systems of that network??
I have a server with two adapters: 192.168.1.200 and 10.99.1.200, 10.99.1.200 connects to a cisco router 10.99.1.254 (which I have no access to). This connects via WAN to another network to transfer files to another company. 192.168.1.200 is connected to our local LAN. I have a service that uses FTP to get and send files to a server through 10.99.1.200. I recently had to switch our IP scheme from 10.99 to 192.168 and since then haven't been able to send files to the ftp server. My question is, would a router solve my problem? If so, would I; remove the 10.99 adapter, connect 192.168 to the router, connect the router to the switch, connect the 10.99 gateway to the new router (and update any appropriate routing tables on the server)? The service appears to have issues with using a dual homed server and updating it isn't going to happen anytime soon.
we are having some trouble setting up our router (Cisco 861W) webserver on the LAN so that it can be accessed from outside (http via port 80). When we try to access it via the web address, we just get the login window of the Cisco router software?
LAN A (RV042)<-> GW to GW tunnel <-> (RV082) LAN B
On LAN A, I got a NAS with a syslog server. On the RV042, I've set the parameters for the syslog server, and it's working fine. On the RV082, I've set the same parameters and noting is happening.
As troubleshooting, I've done the following:
-On the RV082, I can ping the NAS without problems.
-On the RV082, I've set my computer IP adress as syslog server IP and with packet analyser, I not seing any UDP packets.
