I was enabling all the ports for testing on an asa 5510 and once I got to port e0/3 I got this error:
ciscoasa(config-if)# int e0/0
ciscoasa(config-if)# no shut
ciscoasa(config-if)# int e0/1
[Code]....
On the asa theres 4 ethernet ports 0 - 3 don't understand why port e0/3 is not listed. When a cable is connected the led's for that port goes green. Is the port just bad or is there a work around?
I'm having an issue with out going sip traffic showing my private IP in the header instead of the public IP. I have a cisco asa 5510 and everyone seems to think the issue resides on the firewall.
View 4 Replies View RelatedI have an ASA5510 and I would like to implement something like this: have two ports patched in and ready but only one active, the other one in standby (when the first one goes down the other port comes up and all the traffic goes down this way), all these on one physical box. So, it's basically like port failover on the same box.
View 1 Replies View RelatedI configured ASA to open port 21, 3389, 5900 (outside access in) but when i check port just success : 21 and 3389, Error: 5900 If i configured with only one port 5900 or 3389, is't ok, i don't understand what 's the problem?
ASA5510>
ASA5510> ena
Password: ***********************
ASA5510# show run
: Saved
[code]....
I'm looking for an example config of how to run dual ISPs while doing port fowarding for one of the publicly facing IPs. This is on 8.4 so
View 1 Replies View RelatedI am trying to set up a Cisco ASA 5510 running 8.2 to allow a connection to a Polycom camera that sits behind it. What I want to do is forward multiple ports to allow a connection from an outside office. The polycom camera uses the following ports:
1720 tcp
3230-3235 tcp
3230-3253 udp
I got these port numbers from the Polycom web site. So what I did was create a service object as follows:
object-group service All-Polycom-ports
service-object tcp range 3230 3235
service-object tcp eq h323
service-object udp range 3230 3253 My question is how can I use this service object in a static (inside,outside)
command so that I don't have to create multiple commands for the port forwarding. Is this even possible or do I have to sit down and write out around 30 seperate commands to do this. I've been searching the web and it seems a lot of people want to do this but so far I haven't found an answer.
I've cloned the configuration off one of my ASA5510's to another 5510 to use as a template for a new data center deploy. I have configured the new firewalls networks and rules, and of course changed the WAN IP config to its new setting.
I want to test the firewall in y office before I deploy it. How should I configure my Macbooks ethernet configuraiton to test the firewall?, as I have tried without success to connect to it.
Let's say that my WAN configuration is 134.5.169.98/255.255.255.224 with a static route of IP address 0.0.0.0, Netmask 0.0.0.0 and a gateway IP of 134.5.169.97.
I've tried setting the route to force all traffic through the interface (sudo route add 0.0.0.0/1 134.5.169.98), but that did not work either. A trace route to the external interface IP of the firewall (or the external IP of an expose server) get's a "no route to host" error.
I've tried many configurations and have not been able to access the internal servers/services/VPN at all.I've also tried with a cross over, and straight through cables.
What should I configure my macbooks network configuration as so I can connect directly to the WAN port to test external access to the internal servers/services and test the VPN client?
I am using an ASA5510 for internal firewalling in my QA environment. How do I allow RDP from one subnet to those protected by the firewall? Preferably using the ASDM.
View 25 Replies View RelatedASA 5510 have two model Bun-K9 and Sec-Bun-K9 from the datasheet find out difference Port related and Redundancy. My questions is : Have any major difference for Security service between two model ?
View 3 Replies View RelatedOK, so just mooching around in the pages of my switch, a 24 port switch and it has in the logs:
268InfoMay 15 22:43:51NIMInterface 26 is Link Down
269InfoMay 15 22:43:51NIMInterface 26 is Link Down
270InfoMay 15 22:43:51NIMevent(39),intf(26),component(2), on non-existent interface
Now, correct me if I`m wrong but my switch only has 24 ports and two of those (23 and 24) are dual personality jobbies!?Where the hell is port 26? Where did it come from? and why did it need to show up only for the switch to realise that it doesn`t really exist?
I recently ordered and received Cisco Catalyst 3560-CG Series 8-port PoE switches (ws-C3560CG-8PC-S). In running the Cisco Network Assistant (Version 5.6(3)) they show up as an unsupported device. The documentation for this product indicates that you can use CNA to configure this switch. Is there a download or patch available to correct this problem?
View 8 Replies View RelatedI have configured the following access-list on routers fa0 interface (i am using 1801)
access-list 111 permit ip any any log
and applied it in "in" direction on Fa0 interface.
Now when i am sending ssh packets to this interface its showing below
*May 14 05:09:00.104: %SEC-6-IPACCESSLOGP: list 111 permitted tcp 172.18.128.2(0) -> 172.18.128.146(0), 1 packet
why its not showing any port number ?
On RV016 router WAN port 1 is showing Half duplex wen i check it in Port setup but when i check it on Port status its showing me as Half duplex, how can we force it to make it full duplex.
View 2 Replies View RelatedNetwork port: Yellow light blinking and orange light not showing
View 1 Replies View RelatedWhy is my WRT54g router only showing the 1st LED port is lit, and not the rest when I have changed or added a device to the 2nd,3rd,4th port? It is also stopping my ability to stream,view youtube etc. When I disconnect the router from my cable provided modem, everything works fine?
View 2 Replies View RelatedI am able to ping from Switch to firewall inside ip and user desktop ip but unable to ping from user desktop to FW Inside ip.. config is below for both switch and FW Cisco ASA5510....
TechCore-SW#ping 172.22.15.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.22.15.10, timeout is 2 seconds:
[Code].....
In our company 3nos Cisco 3750 (WS-C3750-48P) access switch in stake mode. All port are assigned with voice and data Vlan also Avaya IP connected with this switches. From last few days tow port 2/0/7 and 2/0/8 is showing amber and status is showing err-disable. At Avaya end it is showing a message “ETHERNET WAITING” in phone dispaly. I try to connect laptop directly with these ports but it is showing "Cross Connectivity". [code]
View 4 Replies View RelatedWe have a cisco 3750-48 port switch.We have a few SVI's configured and some static routes configured.I had created a new interface vlan and gave it an IP. I can ping the gateway.
Now I want to add a static route to go out that interface.when I add: ip route 10.x.x.x 255.255.255.0 10.52.10.1
it eccepts it (no errors) But, it does not show in the routing table nor in the config? How to add the static route to go out that vlan interface.
I have two ASA5510's set up in failover, and the secondary keeps crashing after doing the interface checks when bringing failover up. This only happens if I try to upgrade the image on the secondary to anything newer than 8.4.1 (I've tried with 8.4.1-11 and 8.4.2). The primary one run just fine with new images.
I don't have the exact error right now, as I need to do a screen capture from console. It's just a huge crash dump.Are there anything I might have missed during the upgrade? Should I cold-boot both the firewalls in the correct order?
I volunteer at a school who just purchased two 48 port SGE2010 managed switches. I am not a big fan of the web gui and was hoping to see the standard Cisco command prompt instead of the menu-type interface.
Is there a way to view the MAC table showing which MAC address is plugged into which port on the switch? I have been fighting with the menu and the gui for a while now and do not see this anywhere.
i have a ASA5510 in the office, that already configured 3 context, namely, admin, user, server.in the server context, the last running config was not saved, and there was a power trip last friday night. 1 of the sub interface was affected, and i need to recreate that interface.I am getting the below error, it only allow me to do changes those pre-defined interface.how to I create extra sub interface?
View 3 Replies View RelatedI have a ASA5510 and I have a question about the speed the ports can handle, here is one port:
-interface Ethernet0/2
- speed 100
-shutdown
- no nameif
-no security-level
-no ip address
it's ethernet and not fastethernet so I figure it will only go to 10Mbps, but at the same time I can hard code the speed to 100.
i have cisco ASA 5510 Firewall using in my network, i have planning to upgrade the Flash memory from 256 mb to 512 mb and the RAM from 256 mb to 1GB.
View 1 Replies View RelatedI have a cisco asa 5510 with security plus license in Live enviroment . I need to add a secondary firewall . I was planning to do in active /standby mode for failover .But i have a doubt , when i do "show version " on live asa output says Active /active failover , does this means that i can only configure failover in active/active mode not in active/standby (which i want to do )?
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 25
WebVPN Peers : 2
Dual ISPs : Enabled
VLAN Trunk Ports : 8
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5505 Security Plus license...
i am using Cisco ASA5510 Firewall in my Network in the distrubition Layer .Private Range of Network Address use in the Network and PAT at the FW for address translation.presently encountering an issue the users behind the FW in my network unable to RDP at port 2000 presented at the Client Network.Able to Telnet on port2000 but not RDP . any changes needed at the FW end to get the RDP Access.
View 12 Replies View RelatedI've configured a couple of ACL rules via CLI in my ASA. When i checked in the ASDM, it only shows the basic rules that was configured by default and did not show the rules that i've created.
View 6 Replies View Relatedmy computer is a dell dimension 1100, with a Linksys WMP54G wifi card, running vista home basic.In the wifi thing in the notification area, it shows two wireless networks, One is my normal SSID (Lower Net), and one is "Unidentified network". They are both on one wireless connection (Wireless Network Connection 3). When i try to go on the internet, it says i'm not connected. i tried disconnecting from the unidentified network, but that disconnects me from lower net too.
View 13 Replies View RelatedWe’ve got lot of ASA appliances (around 30, 5505/5510/5520) and we never had this problem since the use of the new image software ASA 8.4(1) and ASDM 6.4(1). So, my problem is located on two ASA 5520 with active/passive failover with ASA image 8.4(1) and ASDM image 6.4(1).
My problem is that our appliance doesn’t show any logs when an ACL deny a packet, even if when I specify a specific “deny ACL” with a specific logging condition, asdm and ssh buffer logging are empty but the counters of the ACL increment.
We have to use scp on all of our network devices. It worked quite well on our routers and switches but I can't seem to get it to work for the firewalls and IPS. I enabled scp on my ASA5510 using the command "ssh scopy enable". I also ensured that a rsa key was generated and that ssh ver 2 was enabled. But I can't seem to locate the commands to actually have my firewall either copy it's configuration to a server or reach out to a server to pull down a file. We are using IOS 8.2(1).
View 1 Replies View RelatedI have a customer who wants to prioritze rdp traffic throgh the firewall.I know that its port 3389, but outgoing traffic is a random port number.Any smart way to catch this traffic and get it in the LLQ ?
View 3 Replies View RelatedShowing Your firewall has a version number null which is not supported by ASDM 6.2(5). I received this error when trying to run asdm on my asa 5505. I upgraded image and asdm trying different versions. I used many different versions of java all to no avail.
View 4 Replies View Relatedwe have ASA 5510 which we need to upgrade from 8.0(3) to 8.2.5. can we directly switch to 8.2.5 from 8.0(3) , if not what all versions we need to go from.
What all point needs to check before that following is show flash output.
97 14635008
Jan 01 2003 14:12:16 asa803-k8.bin 98 4096
May 14 2008 21:22:10 tmp 2 4096
Apr 20 2008 02:21:46 log 6 4096
Apr 20 2008 02:22:16 crypto_archive 99 6851212
[Code] .....
My device has 3 interfaces configured: inside, outside, DMZ. Right now I can access the DMZ from the Internet and I can access the DMZ from the LAN using an exempt nat statement. I am having a few issues setting up DMZ > LAN access however. The servers running on the DMZ need to send information to my LAN such as syslog traffic for example. Will DMZ traffic be NATed or should this somehow be excluded? Bascially all LAN devices should get to the DMZ devices by their actual IP and vice versa. Are there any special statements I need to add to the ASA such as nat or ACLs to make this work? My LAN is 10.10.6.0/24 and DMZ is 192.168.254.0/24.
View 1 Replies View Related