Cisco Firewall :: ASA5520 - Change Internal Int Settings Remotely?
Aug 24, 2011
I have an ASA5520 that I need to re-address the two internal interfaces (sec level 100) on. If I can connect to this ASA remotely on the outside interface via ADSM, can I be sure I won't lose connectivity with the ASA while I'm changing the internal interfaces? If I can do this, it would save me a 2,000 mile flight and back Seems doable to me, but thought I'd ask.... I guess I could also engineer a remote access solution that connects to the Mgmt0 interface on the ASA, but that would take time and equipment.
View 3 Replies
ADVERTISEMENT
Oct 9, 2012
I have an ASA 5520 new. I am trying to migrate from a PIX 515E. I can connect via the CLI and ASDM on the management port (IP 192.168.1.1 the default) What I am having an issue with though is when I change the management port to 10.0.1.1 via the CLI or ASDM I can no longer use ASDM. I issue the show IP command in the CLI and I see that the IP has indeed changed but I still can not get into it. I must be missing something really simple, but this is driving me insane. I want to change the IP because I need the a different interface to be 192.168.1.1.
View 2 Replies
View Related
Apr 8, 2012
I need to change my DCS-942L camera settings remotely when I am not connected to my home wireless network. When I am at home, I just type in the local IP address of the camera (192.168.0.100) into my browser to access the firmware. How can I do the same when I am away from home and obviously not connected to the local WiFi?
View 1 Replies
View Related
Jul 27, 2011
I work for a company that has several offices in various parts of the country, my job is to change the name of all the machines on our network to our new naming convention. I need to perform this task without causing a distrubance to the other users.
View 2 Replies
View Related
May 31, 2011
Our firewall expert has gone off on long term illness leave and I am trying to pick up the pieces :-(
We have an ASA 5520 (local office) talking to another ASA (remote office) via a VPN Tunnel.
My 1st problem is that I cannot ping from my inside network (local) to the outside interface of my remote ASA.
My 2nd is that I have debug enabled on my rules but am not logging anything.
View 1 Replies
View Related
Jul 5, 2011
Has any one got a working setup for SSL VPN users in regards to notification about password is going to expire and then providing the VPN user the opportunity to change password during the VPN login process, involving ASA5520 - ACS Radius server - Active Directory
Our VPN users are connecting with Cisco Any Connect VPN Client V.2.5.3046 to a ASA5520 running 8.4(1), all user validation is handled via Radius though a Cisco ACS 5.2 server, which in turn validates the users up against MS Active Directory.
For the relevant connection profile on the ASA, the options Advanced / General/ Password Management / Enable password management has been selected together with the Notify user 14 days prior to password expiration, as mentioned its connecting to a Cisco ACS Radius server with MSCHAPv2 enabled on both the ASA and ACS.
On the ACS server under users and Identity Stores > External Identity Stores > Active Directory we have a successful bind to the AD, the values End User Authentication Settings > Enable password change has been selected.
Just to make sure the password notification function is working in the first place I change the ASA5520 AAA Server group to use LDAP instead of Radius and configured a direct path towards one of our domain controllers, sure enough when the user logged in he got a notification about the password would expire in xx days and then provided with a option to change the password right away or just connect with the current password.
The thing is I don’t want to just use LDAP for VPN authentication, I have quite a expensive setup on the ACS servers with unique ACL's for various group of employees and especially for external consultants, I also use the ACS for customization for webpage and resources when Web VPN is used.
Can it really be so that password expiration notification only works using LDAP, and if this is really the case, is there any way to configure Dual Authentication, so I could first validate the user against LDAP and next against the ACS??
(Side note: I tried to configure the ASA to use LDAP as normal Authentication and then the ACS as Authorization, but it failed, first off because the ASA started to use PAP/ASCII against the ACS and even if I allowed that, it seemed like the ASA wasn’t parsing the users password onwards, with the result that ACS failed and the user account ended up getting locked out in the AD).
View 4 Replies
View Related
Sep 27, 2010
I am looking for a way how to set the password-rules for individually for for some users or identity-groups.I just can find the global settings,Background of the requirement: We want to use password-aging for most admin-users, for some we dont want that pw expires.
View 10 Replies
View Related
Dec 19, 2010
I recently bought the WAG320N and initial setup (Wizard) went fine ....(I selected all the defaults as presented to me so I did not afterwards modify anything on the settings)However ...when powering off (and back on) the device , my Dreambox Sattelite units (DM500) could not get access to the internet anymore (outbound) on port 12000.All other internet traffic went fine ...through browser, wireless, ...all Ok.....I tried everything to resolve but ultimately only succeeded in re-configuring from sracth. powered off the device and brought it back up ....same symptons.Did a hard-reset (back to factory defaults), reconfigured through wizard and ...all Ok again .....until I powered the device off and back on .....I have come to a point now where I excluded all possible 'surrounding' disturbing factors (eliminated switches etc ....and only connected 1 Dreambox unit directly to the device) and ....same symptons ....when powering off/on, the dreambox cannot get out anymore and re-configuring from sracth resolves ....until the next power off/on.And ...it is really the power off/on handling (reboot procedure WAG320N ?) that is causing it .....(I disconnected the DSL line and put it back in , forcing the modem to reconnect DSL and then all still works Ok ). ? It seems as if certain -internal- settings get lost after a power shutdown.....but why specifically port 12000 ?
View 5 Replies
View Related
Aug 25, 2011
I recently bought the WAG320N and initial setup (Wizard) went fine ....(I selected all the defaults as presented to me so I did not afterwards modify anything on the settings)
However ...when powering off (and back on) the device , my Dream box Satellite units (DM500) could not get access to the internet anymore (outbound) on port 12000.
All other internet traffic went fine ...through browser, wireless, ...all OK.....I tried everything to resolve but ultimately only succeeded in re-configuring from scratch. This solved the issue .....until ....right...I powered off the device and brought it back up ....same symptoms. Did a hard-reset (back to factory defaults), reconfigured through wizard and ...all OK again .....until I powered the device off and back on .....
I have come to a point now where I excluded all possible 'surrounding' disturbing factors (eliminated switches etc ....and only connected 1 Dream box unit directly to the device) and ....same symptoms ....when powering off/on, the dream box cannot get out anymore and re-configuring from sracth resolves ....until the next power off/on.
And ...it is really the power off/on handling (reboot procedure WAG320N ?) that is causing it .....(I disconnected the DSL line and put it back in , forcing the modem to reconnect DSL and then all still works OK ). It seems as if certain -internal- settings get lost after a power shutdown.....but why specifically port 12000 ? (and ...no...I did not setup any port forwarding not triggering.
View 7 Replies
View Related
Mar 6, 2012
I am having an issue where occasionally the Sidewinder starts to see my internal RFC 1918 address instead of the configured external address of my firewall. This is for peering between the two. The error they see on the Sidewinder is:So instead of seeing the external peer address he sees a 10.220.3.18 address. We are not sure what triggers this becuase normally he see's my 63.117.98.222 address.
View 5 Replies
View Related
Sep 15, 2011
The problem is that the PABX is sending out an internal address in it's INVITE messages and the ASA5505 isn't changing the internal address to the external address.We need> From: Calling Number <SIP: SIP Username@Public IP Address>However our PABX sends out> From: Calling Number <SIP: SIP Username@Private IP Address>. How to translate the internal IP address to the external IP address on an ASA 5505?
View 1 Replies
View Related
Feb 21, 2013
I have DELL desktop PC with Windows 7 64 bit. Once i have used HotSpot Shield for few days. After uninstalling the HotSpot, I am unable to change TCP/IP and DNS servers settings. My network adaptor is set up to default (automatically obtain ip address). Each time when i tried to change the dns servers settings, it requires a reboot (which is not happened with other PCs). and after reboot, its again set up to obtain ip and dns servers settings automatically.I have Avira FREE antivirus and its not showing any virus.I have cleaned my PC using Malwarebytes, some virus detected and removed but in vain.I am still unable to change my Network Adaptor's dns servers settings.
View 1 Replies
View Related
Feb 10, 2011
I am trying to set up a internet connection to my campus network. i followed there instructions to the T. The network requires me to change my proxy settings. But every time i change my proxy to connect to the to the network, it say that i am connected but i can seem to load any pages. it worked before but i just redid my computer an it doesn't work now. one of the steps in the list of instructions given to me by the university was to select "dial whenever a network connection is not available" but selecting this is restricted for sum reason what do i do ?
View 1 Replies
View Related
May 21, 2012
I can't change my DNS servers. I went to my Network Settings and changed the settings for my DSL adapter. I manually changed the DNS servers to OpenDNS's servers, but when I looked again, the settings always change back to the localhost, 127.0.0.1. I tried to reset my DSL but still no luck.
View 3 Replies
View Related
Jan 12, 2012
I am trying to set up a asus usb n13 wlan. I have everything installed and it shows connected to my router but then I get an error message saying that the encryption settings do not match so data will not pass. The WLAN is set up to use WEP but my router uses TKIP+AES (WPA2-PSK). There doesn't seem to be a support phone number or live chat access but I did turn in a technical request form. Just trying to save time and get this thing up and running.
View 1 Replies
View Related
Apr 4, 2013
Lately, Ive been trying to change my router DNS to OpenDNS. Somehow, after changing it, I couldnt access the router page at 192.168.0.1, getting the error 500 message. I unplugged and plugged the router with no effect. Im using a dlinkddns.com dynamic IP, and have a few ports forwarded for my DVR. The router model is DIR 615. want to change the DNs for speed and filtering purposes.
View 4 Replies
View Related
Jun 28, 2012
How do I change my cisco wireless from a dynamic setting to a static settings.
View 1 Replies
View Related
Jun 26, 2012
we have over 100 AP1242 with c1240-k9w8-mx.124-23c.JA2 image, tow 5508 controller and WCS running. After the ap reboots, the duplex settings of the fa0 interface change to half duplex. I have to set it manually to full duplex. In my WCS or with the 5508 controller I have no chance to set the duplex settings for my ap's.
View 7 Replies
View Related
Jul 18, 2011
I have had a WRV200 wireless router running at the family office now for a several years now and recently I was made aware of an issue with the router. Previously it's function was to provide internet access for the laptops at the office and two workstations. It was a simple set up really, 1 SSID was for the work computers that were allowed on the internet and another SSID for personal and quest wireless devices and I made sure they were in seperate VLANs. This issue came into light after our office moved and with some new upgrades in networking equipment it was deemed safe enough to have the other computers on my wireless router.
What is happening is that all the computers will have a momentary drop of connectivity and will re-establish it's connection to the wireless router. I check the event viewer and it's the same thing accross the board. I'll have several DHCP warings specifically event ID 1003 and finally DHCP error 1000 almost 30 minutes after the first warning. From the looks of it there is something going on with the DHCP addresses about to expire and the systems are having issues trying to get it renewed. The error will happen then the computer will restore the connection.
I have it isolated to the WRV200 because of two reasons. Every machine is having this issue, it's not a random occurance on one computer. The big clue was when I checked Event viewer on my Marketing Director's laptop. These same errors were present all the way back to May which was before the office move and the router was provide access for our laptops to get online. There was no other networking equipment connected to it except for the Clearwire modem.
Between May and now the router has been reconfigured from scratch. New SSIDs, redid the internal IP addressing network wide to incorporate the new computers and would be easier to manage them that way. All wired devices go through a 16 port switch and then through port 1 on the router. Port 1 is on VLAN 1 and the others on VLAN 5. The 3 SSIDS are each on their own seperate VLANs. All systems are on DHCP and the important computers and the printers I am using Static DHCP. In the mean time I set all the important machines to use an alternate IP addressing scheme so hopefully there is no drop in conenctivity. While the drop is minor it could cause issues in the program called SLS (especially during printing) so I can not have this issue to continue. Configuration wise everything is defualt, is there something to change in the configuration settings that I may have missed twice now or the router simply near the end of it's life cycle.
View 1 Replies
View Related
Aug 8, 2011
I use CiscoWorks LMS 4.0.1.
I planned a discovery of devices for some time, but if I change the parameters of discovery (adding a seed device) in "Discovery Settings Summary", this change does not apply in the scheduled task.
If I change the settings in the scheduled task, the changes do not apply in "Discovery Settings Summary". We must change the settings 2 times.
View 1 Replies
View Related
Jul 5, 2011
For some port fowarding reasons I have to change my router setting to these:Maximum Ports: 4096TCP Timeout (in seconds): 600UCP Timeout (in seconds): 120I am using a Realtek router ( Family PCI-E Gigabit Ethernet <NDIS 6.20>)This is supposed to be EXTREMELY easy but I lack any general computer knowledge whatsoever. In laymen's term, I am N00B.
View 1 Replies
View Related
Oct 22, 2012
In my restaurant, we currently have a password protected wifi network for customers and staff. The load is typically light, so it's worked fine. Now, we're putting in a new cloud-based point of sales system, which effectively means that I need a totally uninterrupted, high quality wireless signal running to the POS terminal (in this case, an iPad). If the terminal is sharing that connection with 15 customers Facebooking on their iPhones, I imagine we'll have some signal issues. I'd rather not install a second network dedicated to the POS terminal. Are there any other possible solutions, i.e. a way to give priority to the terminal over other connections? A way to "split" the existing network so only a portion of it is available to customers?
FYI, current network speed is 20/mbs 2/mbs, and the POS terminal requires a minimum of 7/2 mbs.
View 5 Replies
View Related
Feb 5, 2011
When I set up my Linsky's Router,I set it up for 2 old computers (I can do 3 on it.) I bought a new laptop & added that. I no longer own the 2 older computers and would like to remove them & add my sisters laptop + the newer laptop she gave my little girl. I would also like to change it so that it is password protected instead of closed so that family & friends who visit may get online as well.
View 3 Replies
View Related
Feb 6, 2011
I have a Dell Inspiron and it had a virus that didnt let me get into anythihng I took care of the virus, but now when I go to internet explorer it says I cant connect (I am connected to the wifi) so it tell tells me something about tools-internet options-connections-LAN settings, but I have no idea how to fix the proxy settings?
View 1 Replies
View Related
Jun 1, 2011
How do I personalize the settings on my router from default. Netgear wnr2000.
View 2 Replies
View Related
Jan 11, 2011
we are charter High speed customers and just recently upgraded are connection speedHowever today my sisters netbook wireless connection stopped working. My DS wifi connection is also dead now In the past the the wireless network name was wifi-****** but now its called wireless and the wep key no longer works
View 5 Replies
View Related
Jan 16, 2012
how to change security settings so my kids can go online on their nintendo ds lite. we have d link router. 192.168.0.1
View 1 Replies
View Related
May 19, 2011
If I change the network adapter settings to 100 Full Duplex, is there any changes that will take effect? even if we don't have Cisco switches in our network.
View 4 Replies
View Related
May 4, 2010
I try to change the wmm settings to video, but it's always going back to background settings after saving.I already re-uploaded the firmware, but with no result...I noticed that is a newer firmware available for the WET610n where they solved this issue, but they haven't changed it for the WAP610n....
View 9 Replies
View Related
Jan 3, 2012
I'm in the middle of a Nexus 5000 project and recognized today while configuring port-channels, that some of the interface numbers are reserved for internal use.
Is it possible to change or configure which port-channel interface numbers are allocated for internal use by NX-OS?
Unfortunatly I wasn't able to find a solution for this issue in the offical Nexus documentation, the search function of this forum or Google. If I did miss something or didn't look careful enough at the Nexus docs, I'm also happy with RTFM (... fine manual) responses and links to the info :-)
Additional info:
Nexus5k(config)# interface port-channel 128 ignored port-channel128: internally used, configuration not allowed
Port-Channels 111, 113, 115, 119, 121, 200, 211, 222 were created manually, but 127 - 129 were not.
Nexus5k# show port-channel usage
Total 11 port-channel numbers used
============================================
Used : 111 , 113 , 115 , 119 , 121 , 127 - 129 , 200 , 211 , 222
Unused: 1 - 110 , 112 , 114 , 116 - 118 , 120 , 122 - 126 , 130 - 199
201 - 210 , 212 - 221 , 223 - 4096
[Code]......
View 3 Replies
View Related
Nov 7, 2012
I picked up this RV180 router because it has one of the fastest thru speeds of all the routers tested that I viewed on smallnetbuilder. That and it has the cisco name. I grew tired of purchasing wireless home routers every year after they fail. So far the thing is nice with one exception.
I have one device that is essential on my network called an airave. It is a small device similar to a wireless access point that works on springs voice network. The thing essentially makes a small cell tower inside your house and connects to the sprint network through an Ipsec vpn. I have not ability to change ipsec settings on the device on my end. The device works fine connected to the cable modem or to the old slow dlink. When I first connect the thing it works fine for about 5-10 minutes on the cisco. Then the thing loses connection and I lose my cell phone service. Just to test any port conflicts I made this the the DMZ with no luck.
I have also tried a firmware upgrade. I have not messed with any of the firewall settings or port forwarding since DMZ should in theory fix that. I have assigned the thing a fixed IP address but that does not seem to make a difference. It did not on my old router and is mostly just for my sanity and to facilitate the DMZ.
View 4 Replies
View Related
Jun 16, 2012
I have a new WAP54G Access point in our network. I would like to change WPA security settings, but am not able to do it.I have done everything as installation leaflet says, and I get to the 5th point Status sheet: Firmware version v.304, MAC address (numbers), IP address 192.168.1.245, SSID linksys, Channel channel 6 and WEB security Disable
What I would like to do, is change SSID and have WPA2 security. When I am clicking "Yes", it goes to the next sheet "Password", I write admin and click "Enter". I will have Pop-up window "Setup Access violation at address 0049BDB6 in module 'Setup.exe'. Write of address C933016A."
View 2 Replies
View Related
Apr 12, 2011
I would like to change my DNS settings and I can not figure it out through the routers gui. I tried Google'ing it but I got nowhere.
View 2 Replies
View Related
