Cisco Firewall :: ASA 5510 Ftp Traffic Passing On 1 Interface But Not Another?

Dec 20, 2011

FTP traffic routed from outside to the inside interface works fine.  I have another interface with multiple sub-interfaces and vlans configured.  FTP traffic routed from the outside to vlan2_servers is not making it through the firewall.  I must be missing something.  I have attached my config.

View 4 Replies


ADVERTISEMENT

Cisco Firewall :: ASA 5520 Not Passing Full Interface Rate Traffic

Apr 12, 2012

I have an issue where our ASA 5520 is impacting upload (from LAN to internet) speed. We have a 100Mbps SDSL internet link and only see around 45-50 Mbps on the upload when going via the firewall, download is around 90+ Mbps so that is acceptable. I have tested a laptop connected directly to the internet router and that give near on the 100Mbps up and down speeds, but if I put that laptop on the LAN or directly onto the firewall interface I only see 90Mbps down and 45Mbps up. I have check that the interface speeds/duplex on the firewall, switch and laptop are correct and also checked there are no errors on the ports. I also turned off the IPS and that made no difference. In addition I have checked the CPU during download/upload (max): CPU utilization for 5 seconds = 9%; 1 minute: 3%; 5 minutes: 1%
 
In theory the 5520 should be able to cope with this throughput:

Cisco ASA 5500 Series Model/License:    5520
Maximum firewall throughput (Mbps):          450 Mbps
Maximum firewall connections:                      280,000

[Code].....

View 1 Replies View Related

Cisco WAN :: 2900 - Traffic Not Passing From One Interface To Another

Jan 15, 2013

I am facing a very big problem with site to site vpn on cisco 2900 ios.
 
I configured the vpn and when i ping  from router itself to destination ip with source as lan interface , VPN works, no problem.
 
but when i connect any computer directly to router's lan interface to initiate traffic , it doesnot work at all. and on computer's lan i see yeloow sign.
 
mtu is 1500, speed is auto (I tried changing also) , duplex is auto ( i tried changing also) , through firewall on pc should not affect but still i disabled it.
 
since their is no problem with vpn config as vpn comes up when i initiate ping from router itself but i dont know why it is not working from lan.
 
do we need any inspect icmp on this router also ? or any policy modification to pass traffic across the interfac on router is required ?
 
I was useinf c2900k9-15.0(M4).bin and i upgraded it to 15.3 which is lated to get reed of any bug .
 
I connected two laptops directly to router's gi0/0, g0/1 interface to ping from one laptop to another but this also did not work.

View 3 Replies View Related

Cisco WAN :: 2911 Not Passing LAN Traffic To Public Interface

Sep 23, 2011

We have a 2911 Router running 15.0(1)M4. G 0/0 is our LAN interface, and it has three subinterfacesG0/0.1 is our data LAN, and the gateway for our Windows machines.  This is the interface this question concerns.G0/0.23 is a separate LAN for various equipmentG0/0.192 is another LAN for equipmentG 0/1 is connected to the internet, and has a public address.S 0/0/0 is a T1 PPP, connected to our core data centerS 0/1/0 is a backup T1 PPP, again, connected to our core data center.There are three static routes entered:ip route 0.0.0.0 0.0.0.0 10.12.1.1 100 This is the first PPPip route 0.0.0.0 0.0.0.0 10.13.1.1 200 This is the secondary PPPip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 255 It currently has a cost of 255 while i figure this one out. xxx.xxx.xxx.xxx represents the cable company gateway, which I can ping properly.  I've also used "gigabitethernet 0/1" in place of the next hop ip with the same results. The public interface is properly connected, and can ping it's next hop (the cable company gateway).  When I change the static route for gigabitethernet 0/1 to a cost of "0", the router can properly ping DNS names, such as google.com through the public interface. 
 
However, devices on the data LAN cannot reach any public addresses except for the router's public interface, let alone DNS names (I am using 8.8.8.8 as my test IP).  If I revert the cost back to 255, making the PPP the gateway of last resort, these devices can again connect. (they travel through the PPP to our Data center's internet) 
 
This confuses me.  If our server, on the same LAN as the router can ping the public interface (it's definitley not leaving the 2911, as latency is less than 1ms), and the router itself can ping outside addresses, what is preventing the router's public interface from passing traffic to the internet from any source other than itself?  I have attached our running config in the hopes that there is something obvious I'm missing (the public ip addresses have been changed so they are not exposed).  I simply want clients on our 10.23.0.0 LAN to get to the internet via the public interface of the local router, and still connect to corporate resources using the PPP links. MAS_2911#sho run

Building configuration... 
 
Current configuration : 5666 bytes
!
! Last configuration change at 01:47:50 eastern Sat Sep 24 2011 by redacted

[Code].....

View 6 Replies View Related

Cisco WAN :: 2911 Multicast Traffic Stops Passing Through Multilink Interface

May 8, 2012

I have configured multicast (ip pim dense-mode) on two 2911 routers that are connected by a Multilink (3Mbps) Wan connection.The configuration work fine for awhile and sometimes all day but at some point one of the Multilink interfaces stop passing multicast traffic.I perform a sh multilink 1 on the interfaces and one interfaces show the multicast packets incrementing and the other does not, it just stops.The only fix for this is to hard reboot both routers and the multicast traffic begins to flow once again.

View 3 Replies View Related

Cisco Firewall :: ASA 5510 High Traffic On Outside Interface

Jul 31, 2012

I have little experience with firewalls, what I've learned has been by dealing with issues like this that arise from time to time.I know, I need to upgrade the version. It's in the works now. Anyways, my question/problem is: Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today.  On the dashboard of our asa 5510 the "outside interface" traffic usage is running contstantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.

View 2 Replies View Related

Cisco Firewall :: ASA 5510 - Can't Move Traffic From DMZ To Outside Interface

Jan 16, 2012

I can't move traffic (isakmp udp_port: 500 & ipsec nat traverse udp_port: 4500) from my dmz to the  outside interface

View 1 Replies View Related

Cisco Firewall :: 6500 - FWSM - Not Passing Traffic Through Firewall

May 3, 2011

We have 2 FWSM modules in each 6500 switches. 1st module is having 04 firewall vlan groups with 18 vlan interfaces in a single context firewall. All are working fine with no issues. Recently we create one more vlan on MFSC and add into the same firewall module. However newly created vlan inside the FW is not able to communicate with outside and also outside users not able to reach newly created subnet. But within the firewall zones (other interfaces) it can communicate. Once we did packet capture we noticed that its hitting firewall outside interface only and when we ping we got TTL expired error. we have default routes to outside and there's no any route inside as new segment is within the firewall (no any hop).
 
I guess there's no limitation on number of vlans that we can assign on one firewall eventhough there is a limitation for number of vlan-group which is 16 max (but we are within that limit).

View 2 Replies View Related

Cisco Firewall :: 515e / Traffic Not Passing Through Firewall?

Jan 16, 2013

Ive got a problem with passing traffic through a Cisco 515e firewall.im trying to telnet to devices on the inside net, 172.16.x.x fom an outside net 10.x.x.x? ive configured a group called infrastructure and added the 10.x.x.x addresses.ive configured acl 101 inbound on the outside interface:

access-list 101 permit tcp object-group INFRASTRUCTURE any eq telnet
 
theres a route to the inside net:

inside 172.16.0.0 255.255.0.0 172.16.163.1
 
and theres a translation:

static (inside,outside) 10.4.4.34 10.4.4.34 netmask 255.255.255.255
 
when i try and connect, using a packet capture  I can see traffic from 10.4.4.34 to the inside device 172.x.x.x on the inside interface but i cant see the traffic leave the outside interface ive used the same group infrastructure group before to connect to VM machines on the 172.x.x.x net on RDP and this wrks ok. access-list 101 permit tcp object-group INFRASTRUCTURE object-group VMs eq 3389

View 8 Replies View Related

Cisco Firewall :: Passing Traffic From Polycom Via 1812

Jun 15, 2011

We are trying to get a video conference system (POLYCOM) up running.  Thrue a Cisco 1812 router with Firewall feature set.
 
I  Have heard in the past that there should be issues with Polycom and Cisco, but have actually never seen it.I can establish a video call from inside the 1812 to outside.
 
But when I try from outside to the public ip adress there is nattet to, then it reach the video system and die straight after, so there is never any video session set up.
 
I have tried to remove everything regarding firewall feature and passing true, so the only thing the 1812 should do is NAT. And still the same.
 
I can not see anything in the log on the router from the ACL's where I permittet everything, other then it connect on the port TCP 1720, as it should. This is the software I'm running on the router:
 
Cisco IOS Software, C181X Software (C181X-ADVIPSERVICESK9-M), Version 12.4(15)T3, RELEASE SOFTWARE (fc1)
 
When I search Google, it look like there is a lot issues with Cisco and Polycom, but I have not found any concret solution. Other then I should use a ADSL line with a public IP address.  As we probably is going to do.

View 6 Replies View Related

Cisco Firewall :: Command To Check ASA 5520 Is Passing Traffic

May 14, 2012

how can i check that ASA is passing traffic? Also what command we can use to make sure VPN is working fine.

View 2 Replies View Related

Cisco Firewall :: Pix 506e Passing Traffic Even With A Deny Ip Any Any Rule

Sep 20, 2012

So I was doing some testing with my BB Playbook where I wanted to see what outside connections it tried to make during startup and whatnot. I have a pix 506e running 6.3(5). I created an simple 'deny ip any any' access list on the inside interface so that the Playbook doesn't actually make any connections, but I set up a 'capture' on the inside interface accepting 'ip any any' to see what kind of traffic I could see heading outbound from the Playbook. Well, it started off showing attempts to query DNS (and failed, naturally), but then after a couple of minutes, it tried to connect to a couple of IPs over port 443 and actually got a response!!! For the life of me, I can't figure out how this can happen. NO traffic should be allowed outbound due to my explicit 'deny' rule, but for some reason some traffic on port 443 made it past the firewall and got a response back. There are no other rules in the access list except the 'deny' rule. My PIX configuration is quite simple and I cannot see anything that would allow the Playbook traffic to circumvent the access list.

I've come to think that either RIM has found away around Cisco access-lists, or there is a bug in the Pix OS. I know it's an old appliance/OS, but still. I wouldn't think it could be THAT easy to bypass the firewall.

View 4 Replies View Related

Cisco Firewall :: After Upgrading ASA 5520 To 8.4.2-8 VPN Clients Traffic Not Passing Destinations?

Dec 26, 2011

after upgrading an ASA 5520 to 8.4.2-8 VPN clients traffic is not passing destinations other then destinations behind the inside interface. the log shows routing failure for the vpn client on the inside interface.it was working fine with 8.4.1 but the traffic is originated from the outside interface. confirm the the interface for VPN clients changed from outside to the inside interface.

View 5 Replies View Related

Cisco Firewall :: ASA 5510 7.2.1 High Traffic On Outside Interface Very High Input?

Oct 13, 2011

Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today.  On the dashboard of our asa 5510 the "outside interface" traffic usage is running constantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.

View 6 Replies View Related

Cisco Firewall :: ASA 5505 (9.1.1) & Comcast Business Cable Stops Passing Traffic

Apr 18, 2013

I am trying to determine why Comcast Business Class modem configured with a static IP (IPV4) works with a laptop or Linksys Cable modem but not with a Cisco ASA 5505. After a few minutes, the 5505 stop passing web traffic. I am able to ping the default gateway even though I can not surf the web. Restarting the 5505 and the Comcast modem, web traffic flows for a short period of time, then stops. I can connect inside the firewall via ASDM 7.1.1 and via SSH. I can not connect via either from the outside.  Comcast tech support indicated their router is working and is configured in bridge mode. I swapped out the 5505's memory, and then with another 5505. Nothing seems to resolve the issue. I am trying to determine if the 5505 or the Comcast router is not configured correctly.
 
Here are the parameters: The 5505 was reset to default factory settings via the command: config factory-default. Configured the outside interface with static IP Address followed by the no shutdown command, then removed DHCP features from outside interface.  Added Comcast DNS servers, default route, ntp servers, configured DHCP features on the inside interface. Enabled HTTP/SSH (inside & outside interfaces) and ICMP echo-reply (outside only).
 
I believe the Comcast modem is not configured correctly. The show version and show startup output are below.
 
ciscoasa# show version
Cisco Adaptive Security Appliance Software Version 9.1(1)
Device Manager Version 7.1(2)

[Code].....

View 5 Replies View Related

Cisco WAN :: Allow ICMP Traffic On ASA 5510 From LAN Interface To DMZ?

Jul 17, 2012

I want to allow ICMP traffic on ASA 5510 from LAN interface to DMZ. I've permit any traffic and added ICMP to the inspestion list also but still there is problem. Belos is the configuration. The image is asa822-k8.bin

:
ASA Version 8.2(2)
!
hostname fw-01
names
!
interface Ethernet0/0

[code]....

View 1 Replies View Related

Cisco Firewall :: PIX 501 / Can Traffic Goes From Inside Interface To Outside Interface

Oct 9, 2011

I have Pix 501 firewall and I'm just configuring the device for "Email Server" to allowing POP/SMTP.
 
Inside Interface Address: 132.147.162.14/255.255.0.0
Outside Interface Address: ISP provided IP address
 
My question is can my traffic goes from inside interface to outside interface? (because the inside interface address not from 10.0/172./192.168 private address)Also I'm allowing internet from this email server (132.147.162.14) so what my access list to be configured? and what my subnet mask shoud be there?
 
Pix(config)#access-list outbound permit tcp 132.147.162.14 255.255.0.0 any eq 80
Pix(config)#access-list outbound permit udp 132.147.162.14 255.255.0.0 any eq 53
Pix(config)#access-group outbound in interface inside

View 7 Replies View Related

Cisco WAN :: ASA 5510 - Outside Interface Stops Sending And Receiving Traffic

Aug 8, 2012

Cisco ASA 5510.  Between 5 to 10 minutes of reseting the asa traffic stop accessing outside ip addresses.  Ping from console fails to ISP router IP. Ping to google name server failes.  I have reset to factory default only setting up nic and natting and it still happens. 

View 2 Replies View Related

Cisco :: VPN Not Passing Traffic

Apr 30, 2011

I've looked at many others having this same problem, but can't seem to figure out what my problem is. Same issue as most, I can connect fine, I get an IP, but it won't pass any traffic, I can't ping anything or access anything.

View 8 Replies View Related

Cisco VPN :: 871 Passing Traffic Between Two VPN Devices Within A LAN

Sep 21, 2012

I have a vendor that currently uses a Cisco 871 as a VPN router in our company network, they use it connect to provide services to one of the servers in our LAN for our customers. Recently, we are going to be setting up a 24/7 call center with this vendor, they will be accessing a server in our network through the VPN to provide customer service during after hour periods.We have a problem however, with an application that is hosted by another vendor that is critical for our regular company call center. Access is reached with this application through this vendor by way of IPSec VPN tunnel that is built in our company's Cisco ASA 5510. This application is accessed via Internet Explorer that goes across to access the application at the endpoint
 
I need to figure a way by which the vendor that will be running the 24/7 call center coming through their tunnel in our network to connect over to the tunnel on the vendor on my ASA. Im likely going to have to set some routing of traffic in my internal default gateway router for this to work.

View 2 Replies View Related

Cisco VPN :: Traffic Not Passing Through On ASA 5505

Sep 7, 2011

I've got a client that recently got an ASA 5505. E0/0 is connected to the outside, E0/1 connected to the internal server (Win 2008). The ASA "local network" is 172.30.1.0/24; my internal network is 192.168.1.0/24. I'm able to connect from home through AnyConnect and get a proper address (which I've got a pool of 172.30.1.64/26 assigned for VPN users), but no traffic from my computer will go to the internal network, nor will the internal server (or the ASA for that matter) can't talk to my VPN'd computer.

On the firewall settings on the ASA, I've got it all open: any/any on both inside and outside, just to try and get anything to go through. I've even got split-tunneling working, but not traffic-passing! The config is below (redacting local AAA users).

[Code] .....

View 9 Replies View Related

Cisco WAN :: Passing Traffic From Lan To Wan In C1921 Router

Jan 26, 2011

Traffic Generator TG connected to R1 via switch SW . One end of the R1 is LAN1 interface and other end is WAN1. LAN1 is connected to switch SW. WAN1 is connected to R2 WAN0 interface..
 
 TG ------------- SW ------------------------------(LAN1)  Router R1   (WAN1)------------------------------(WAN0)Router R2
 
I have to pass traffic to R2 WAN0 interface.
 
Wen I pass traffic say 5000 from TG, I'm to recieve 5000 at R1 lan1 interface but I'm not to recieve at R2 WAN1 interface and hence not to R2 WAN0 interface.
 
Config at TG:'
-----------------
Destination IP : R2 WAN interfavce IP
Destination MAC : R1 LAN mac

View 1 Replies View Related

Cisco VPN :: 7200 - Traffic Is Not Passing Through Tunnel?

Nov 17, 2011

I have set a tunnel between Cisco pix 6.3 and Cisco Router 7200. Show Isakmp sa showing below detail on Pix
 
Total     : 1
Embryonic : 0
dst               src        state     pending     created
xx6.x71.x29.x68   x2.1x7.52.1x1    QM_IDLE         0           0
  
Is tunnel is UP ? Traffice is not going throgh the tunnel . why ?

View 1 Replies View Related

Cisco VPN :: 1841 / ASA Not Passing Inside Traffic Though Vpn?

May 2, 2012

I am about to pull my hair out. I have a 1841 router at one end with 3 ASA's for teleworkers working great. I'm connecting a 4th one that I can not get to work for the life of me. The tunnel is comming up, but its not passing any traffic. I don't see any glaring errors in the VPN debug. The router comes up, reverse route injection does its thing... all looks great. Am I totally overlooking somthing? I must have rebuilt this a dozen times.
  
: ASA Version 8.2(1) !hostname ciscoasa104domain-name default.domain.invalidnames!interface Vlan1nameif insidesecurity-level 100ip address 192.168.104.1 255.255.255.0!interface Vlan2nameif outsidesecurity-level 0ip address dhcp setroute! interface Ethernet0/0switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!boot system disk0:/asa821-k8.binftp mode passivedns server-group DefaultDNSdomain-name default.domain.invalidsame-security-traffic permit inter-interfacesame-security-traffic permit intra-interfaceobject-group network DM_INLINE_NETWORK_1network-object 192.168.2.0 255.255.255.0network-object 192.168.4.0 255.255.255.0access-list outside_1_cryptomap extended permit ip 192.168.104.0 255.255.255.0

[code]....

View 7 Replies View Related

Cisco WAN :: ME3400 Switch Not Passing Traffic

Jan 17, 2011

I have an Cisco ME3400-24TS-A Switch with is not behaving normal.
 
I have already erased its flash, uploaded new IOS but  could not fix the issue. However it boots normally and pass all tests show in boot process. Issue is this the i cant access or ping the computers attached to its ports from one to other.

However i can ping the switch vlan 1 IP from all computers attached to it.

When i tried Debug All Command, its shows the following:

debug all 
This may severely impact network performance. Continue? (yes/[no]): yes
All possible debugging has been turned on
Switch#
*Mar  1 00:03:41.467: special_oce_change_vectors: select debug vectors

[Code]....

View 2 Replies View Related

Cisco Routers :: RV042 DMZ Is Not Passing Traffic

Apr 18, 2012

i am using RV042 router, i have configured DMZ in this,  DMZ is not passing the traffic, i am able to ping the DMZ ip from the server. but the server is not getting the Internet. 

View 1 Replies View Related

Cisco VPN :: 5520 - Tunnel Up But Not Passing Traffic

Jan 15, 2012

I have a site to site tunnel between two 5520 ASAs.  Tunnel is up but when I try to talk to the other side, the implicit deny on the inside interface of the local ASA blocks the traffic.  When I ping, the tunnel comes up but in the logs it says it is blocking icmp from inside to outside.  I have tried the sys opt connection permit-vpn but it is not working.  The traffic is from 5 specific machines within the local sub net that I put in a network object group called Celerra_Replication.

I want to them to be able to talk to 5 machines on the far end of the tunnel in a seperate sub net.  They are in a net wrok object group called GP_Celerra_Replication The ACLs I created for this appear to be created correctly allowing IP from Celerra_replication to GP_Celerra_Replication and the opposite on the other side. 

View 1 Replies View Related

D-Link DIR-655 :: Passing SQL Server Traffic?

Jan 24, 2012

I have a server with SQL Server 2008 on it.  It listens on the default ports 1433 & 1434.  But traffic is not making it through my DIR-655 to the LAN so that SQL Server can respond to the request.  I am using DynDNS and have confirmed that the traffic is getting thru DNS and finding the router, but after watching the syslog I can see that I'm getting multiple of the following error messages when a request is initiated from a client (Microsoft Access app) outside my network:

01-24-2012   22:28:24   System3.Info   192.168.1.1   Tue Jan 24 22:28:28 2012 D-Link Systems DIR-655 System Log: Blocked incoming TCP connection request from 67.167.87.109:53284 to 67.167.87.109:139 01-24-2012   22:28:24   System3.Info   192.168.1.1   Tue Jan 24 22:28:28 2012 D-Link Systems DIR-655 System Log: Blocked incoming TCP connection request from 67.167.87.109:53282 to 67.167.87.109:445

In Port Forwarding I have specified a rule to allow/pass port 1433 & 1434 TCP traffic to my internal server IP.

Also I'm confused by the ports shown above since I was expecting to see 1433/1434 in there...seems this is a factor in the traffic never getting to the SQL Server to process the request?

View 1 Replies View Related

Cisco Routers :: RV042 Stops Passing Traffic On WAN

Feb 12, 2012

We have a managed service provider voip network that requires us to use our own router for the data network. We wanted to use the RV042 for it's easy vpn setup. After installing it worked great for about 10 min. then the WAN port stopped passing traffic. 3 min. later it started working again. We tested the RV042 on a different network and it works fine. We tested an older Pix on the managed network and that works fine. But the RV042 will not work on the managed service provider voip network. The service provider says that on their end it shows our WAN port going up and down.

View 1 Replies View Related

Cisco WAN :: Linux Not Passing Traffic Through 1721 / 1841?

Jan 6, 2011

I run a network that uses MPLS circuits to connect all of the companies different stores.  Internet access is through a Cisco ASA5500 here at the corp headquarters.
 
To make all of this work, we use a little 1721 gateway router to move traffic as needed.   All the clients in our corporate office use 10.10.99.1 (Cisco 1721) as a gateway.  The 1721 routes the traffic either to the internet (10.10.99.106 Cisco ASA5500) or the MPLS router (159.61.54.30).
 
For some reason, anything that runs on Linux (Ubuntu server, ReadyNAS boxes, Thecus NAS) will not pass traffic beyond the 1721 gateway router.
 
I've poured over the config for that router, and I can't find anything that could be causing this not to work.  Thinking that the 1721 was bad, I put an 1841 online in it's place, and it did the same thing.   I'm a noob when it comes to Cisco configs, but am learning as I go along.
 
Ive attached a txt file of the 1721 config.

View 31 Replies View Related

Cisco Routers :: RV180W - All Traffic Passing Through Router Is Seen As Ip?

Mar 7, 2013

Beta Firmware: 1.0.2.3
 
Web server log showing the issue:
2013-03-08 05:39:21 192.168.1.102 POST /somewebpage/somefile.htm - 80 - 192.168.1.1 - 404 0 0 6098 410 457
 
ISSUE: 100% of the traffic forwarded through the router is taking on the IP address of the router when it arrives at the web server. In this case, 192.168.1.1
 
My email server and FTP servers are having fits due to the anti-hammering issue that this creates.
 
I simply got the run around and they told me to call level 2 support and did not provide me with a contact number. For some reason, he refused to escalate the call. They simply told me to contact someone from a previous issue in which they gave me the beta firmware to download and I spent a lot of time on the phone to get that far. I do NOT want to speak with the same person who addressed my last issue.

View 4 Replies View Related

Cisco Firewall :: Unable To See Interface On ASA 5510 Firewall?

Jul 29, 2012

I am unable to see 4th interface on my firewall i.e fastether0/3 on my firewall ASA 5510.
 
Below is the output.
ciscoasa# sh int ip br Interface                  IP-Address      OK? Method Status                Protocol Ethernet0/0                x.x.x.x           YES CONFIG up                    up Ethernet0/1                x.x.x.x           YES CONFIG up                    up Ethernet0/2                unassigned      YES unset  administratively down down Internal-Control0/0        127.0.1.1       YES unset  up                    up Internal-Data0/0           unassigned      YES unset  up                    up Management0/0              192.168.1.1     YES CONFIG up                    up

View 8 Replies View Related

Cisco Firewall :: Cross Interface Traffic ASA5505

Mar 12, 2012

I have an ASA-5505. [code] I have an Exchange server on the 10.10.10.0 network.  I need to be able to allow Active-Sync and OWA from the Guest WiFi through to the Exchange server on the 10.10.10.0 network.  The Guest Wi-Fi uses external DNS so traffic is going out to the Internet and getting an IP address which is of course assigned to the Outside interface abd trying to come back in on that interface.How do I make this do what I need?  How do I setup the rules to allow this traffic?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved