Cisco Firewall :: Create Etherchannel With Sub-interfaces On Asa 5520 Running 8.4.1 Code?

Jun 22, 2011

I am trying to figure out how to create an etherchannel with sub-interfaces on an asa 5520 running 8.4.1 code.  It doesn't seem to allow me to configure any type of sub interface on the port-channel or anywhere else once I create it. 

View 4 Replies


ADVERTISEMENT

Cisco Firewall :: Max Sub-interfaces For ASA 5520 Running 8.2.2?

Feb 28, 2011

I have a Cisco ASA 5520 running 8.2.2 with the VPN Plus license.  I am wondering what is the max number of sub-interfaces you can have on a physical interface.  I know on the 5505 it was 20 sub-interfaces if you were running the Security Plus license. What is the magic number for the 5520.  I have hit 20 sub-interfaces on gi0/1 interface and now I am starting to run into problems with sub-interface #21.

View 1 Replies View Related

Cisco Firewall :: 5510 Running Code 7.2 With Ssl Users

Mar 21, 2012

I Have an asa 5510 running code 7.2 configured with ssl vpn,ssl vpn users able to connect to to portal which i have configured with the required resources,but the thing is that these ssl users unable to upload files to cifs shared directory , although they have full access to the shared folder

View 0 Replies View Related

Cisco Firewall :: 5510 ASA Cannot Create Sub Interfaces For Intervlan Routing

Apr 8, 2013

I am trying to setup intervlan routing with a Cisco ASA 5510 and two 2960-S switches. The 5510 currently is using ASA Version 7.0(2) and has a base license. I tried to create a sub interface today based on some info I found regarding the routing piece and it didn't recognize the command. I'm thinking I may need to update the IOS code or the license on the firewall. I know the syntax was correct because I looked it up and found it in a Cisco document.

View 15 Replies View Related

Cisco Firewall :: Unable To Create VLAN Interfaces In ASA 5510

Nov 13, 2011

Unable to create VLAN interfaces in ASA 5510

View 1 Replies View Related

Cisco Firewall :: 5525-X Cannot Create New Sub-interfaces / Etherchannels Through ASDM 7.1(1)

Apr 9, 2013

We are suffering an issue with ASDM 7.1(1) on a 5525-X with 9.1(1) software. In the Configuration --> Interfaces window, I can modify parameters on physical interfaces, I can modify parameter on subinterfaces, but I cannot create new subinterfaces or Etherchannels through ASDM.
 
When I create a subinterface, entering all parameters, interface name, vlan id, security level, etc., then I click on "Apply" button and nothing happens. It doesn't send anything to ASA. If I click on another window, ASDM ask for applying changes, I click on it, but nothing is applied and window doesn't change. It happens only when creating new interfaces. If I create them through CLI, then I can modify parameters without any problem.
 
I have tried re-installing java and I have tested with 6.31, 7.9, 7.11, 7.17 Java versions, from Windows XP, Windows 2003 Server and Windows 7 computers with same issue. Also with Linux Mint distro with IcedTea Java.

View 3 Replies View Related

Cisco Firewall :: ASA 5520 Refuses To Load 8.x Code?

Oct 17, 2011

I have a ASA# here that refuses to load 8.x# code. I do not have an issue loading 7.x# code at all. When I power on the ASA# it does not pass the fsck#.
 
Loading /asa842-k8.bin#... Booting...Platform ASA5520# Loading...IO memory blocks requested from bigphys# 32bit#: 20848dosfsck# 2.11, 12 Mar 2005, FAT32#, LFN#
 
I have tried 8.0, 8.2, 8.3, 8.4 codes. I have also swapped RAM and flash.

View 5 Replies View Related

Cisco Firewall :: 5520 - ASA Sub-interfaces NAT

Sep 7, 2011

i have an ASA 5520 running ver 8.4(1). have attached my interface config below and need to do the following, NAT traffic coming on GigabitEthernet0/2.101 to GigabitEthernet0/1, i.e. packets with destination 10.21.110.25 will be forwarded to 10.11.21.25, will a  nat (Production,Advocate_MPLS) static ... statement work ?
 
------------------------------------------------------------------------
interface GigabitEthernet0/1
description Production
nameif Production
security-level 100(code)

View 1 Replies View Related

Cisco Firewall :: Routing Between Interfaces On ASA 5520?

Jul 10, 2012

We have an ASA 5520 which is in multiple context mode. We are trying to pass traffic from the outside interface to the dmz interface. We have a /27 public ip range. We need a small amount of those addresses to be in the DMZ for SIP servers specifically. The rest of the addresses are NAT'd to the inside interface.So i created the outside interface GigabitEthernet0/0 with 1.2.3.192/28 Inside Interface GigabitEthernet0/2 with 192.168.20.0/24 DMZ interface on GigabitEthernet0/2.1 with 1.2.3.208/29 So all i want to do is route traffic that comes in the outside interface and out to the DMZ interface for the 1.2.3.208/29 subnet. I set the gateway address as 1.2.3.214 which is the DMZ interface address on the ASA.

View 20 Replies View Related

Cisco Firewall :: 5520 VPN Traffic Between Interfaces

Jun 12, 2011

Our ASA 5520 firewall is running 8.0(4) IOS.I have an internal L2L VPN terminating on my firewall (from an internal remote site) on ENG interface.With the default "sysopt connection permit-vpn" command enabled, VPN traffic is allowed to bypass the ENG interface acl.The security level on the ENG interface is set at 50.The security level on the destination interface PRODUCTION is set at 40.Inbound VPN traffic bypasses ENG interface acl and since higher-to-lower security level allows VPN traffic to flow freely from ENG to PRODUCTION, it seems the only place to check/filter VPN traffic is an ACL placed on the PRODCTTION interface and set at INBOUND (outbound VPN traffic).

View 4 Replies View Related

Cisco Firewall :: Configure Sub-interfaces In ASA 5520?

May 23, 2012

I have a cisco ASA 5520 that i'm configuring.From the actual Firewall (with is a linux server), we have the outside interface eth0 with has a public IP and other sub-interfaces (eth0.1; eth0.2,...) with others publics IPs.I'd like to know how I can configure it in an ASA

View 7 Replies View Related

Cisco Firewall :: Routing Between Two Sub Interfaces On ASA 5520?

Oct 15, 2012

I have two virtual interfaces on my ASA 5520:

GigabitEthernet0/1.338     172.30.0.81/28
GigabitEthernet0/1.345     172.30.0.129/28
 
I have the security levels for both set to 50 and in the ASDM I have checked off "Enable traffic between two or more interfaces which are configured with same security levels"
 
But now the need has arisen that we allow each subnet to be routable to each other for SMTP traffic, how can I accomplish this?

View 5 Replies View Related

Cisco Firewall :: ASA 5520 - Sub-interfaces With IPv6 Prefix

May 31, 2011

We have been testing out IPv6 configurations on a 5520 running 8.2(4).  We have assigned EUI-64 prefix addresses to sub-interfaces to allow clients to auto-configure there IPv6 IPs and it works correctly.   I used ASDM to do the original configuration and noticed that there were two different ways to do it, both of which seem to work.  I can add a prefix under the Interface IPv6 Addresses dialog box and check EUI64 or I can add it under the Interface IPv6 Prefixes.  But using the two methods yields two different interface configurations:
 
1.
interface GigabitEthernet0/1.40
vlan 40
nameif test

[Code].....

View 5 Replies View Related

Cisco Firewall :: 5520 Static NAT And Same IP Address For Two Interfaces

May 28, 2012

We have a Cisco ASA 5520 and in order to conserve public IP addresses and configuration (possibly) can we use the same public IP address for a static NAT with two different interfaces? Here is an example of what I'm refering too where 10.10.10.10 would be the same public IP address.
 
-static (inside,Outside) 10.10.10.10  access-list inside_nat_static_1
-static (production,Outside) 10.10.10.10  access-list production_nat_static_1

View 2 Replies View Related

Cisco Firewall :: ASA 5520 8.2 With Same Security Level Interfaces

Mar 27, 2013

I have issue with traffic passing between same security level interfaces. I want to control traffic between same security level interfaces with ACL. Even no restriction, traffic does not go through. [code]

I tried to access server from THREE network to web server at FOUR network I have no response. In sh xlate output it shows "PAT Global 10.124.104.254 (28889) Local 10.124.103.1(2922) " I am not sure what else should I do. I add both same-security-level commands and it is the same.

View 6 Replies View Related

Cisco Firewall :: ASA 5520 Interfaces Bounced Due To WR Mem Executed

Sep 20, 2011

One line of an ACL was changed on an ASA 5520 (primary) and a wr mem was issued to save the change. It appears that when the wr mem was executed, the interfaced on the standby ASA bounced. Configurations have been saved in the past without the result of what's in the log entry.. 
 
ADC-5520-MGMT-FW01/stby# show logSyslog logging: enabled    Facility: 22    Timestamp logging: enabled    Standby logging: enabled    Debug-trace logging: disabled    Console logging: level errors, 1203060 messages logged    Monitor logging: level errors, 1203060 messages logged    Buffer logging: level errors, 17590658 messages logged    Trap logging: level informational, facility 22, 450126258 messages logged        Logging to management 10.5.3.214        Logging to management 10.142.20.214        Logging to management 10.218.3.31    History logging: disabled    Device ID: disabled    Mail logging: disabled    ASDM logging: level informational, 464351755 messages loggedSep 21 2011 17:35:29: %ASA-1-709006: (Primary) End Configuration Replication (STB)Sep 21 2011 17:35:44: %ASA-1-105006: (Primary) Link status 'Up' on interface managementSep 21 2011 17:35:44: %ASA-1-105006: (Primary) Link status 'Up' on interface outsideSep 21

[code]....

View 11 Replies View Related

Cisco Firewall :: 5520 Recreate Logical Interfaces For Each Physical Interface

Nov 29, 2012

We have to enable FIPS 140-2 on our ASA5520's for all our IPSEC VPN connections.   We currently have failover on our 5520's. I found a lot of information out there but some seems to conflict one another.What are the things I need to look out for - caveats? Does the clients that connect to the VPN had to use different clients once the FIPS was enabled.Do we need to recreate logical interfaces for each physical interface we have?

View 1 Replies View Related

Cisco Firewall :: 5520 To Pass Traffic Through Ssm 20 And To Create Sensors

Jun 20, 2011

I have installed asa 5520 , software ver is 8.4,I have SSM-20 installed in asa 5520. How to pass traffic through this ssm-20 ,how to create sensors,how to update signatures of this IPS module ,is there any procedure to automatically update the signatures .

View 1 Replies View Related

Cisco Firewall :: ASA 5520 / SSM-20 Password Recovery With 5.0 Image Running

Jun 3, 2012

The customer forgot the password for the ASA SSM-20 ips module installed in ASA 5520 Fw.show module in customer FW shows it up state. I brought it to our office teat bed. here it show

ASA1# sh module
 Mod Card Type                                    Model              Serial No.
--- -------------------------------------------- ------------------ -----------
  0 ASA 5520 Adaptive Security Appliance         ASA5520-K8         JMX1022K03A
  1 ASA 5500 Series Security Services Module-20  ASA-SSM-20         JAB101003C2
 Mod MAC Address Range                 Hw Version   Fw Version   Sw Version    

[code]....*-

what to do with  this module in my test bed.I have to take it back to the customer site to use it in their ASA itself to troubleshoot.There it the status is up and i did use all the hw-module option but no use. The version is 5.0. This module is more than 5 years old and so far no one upgrade the image. ASA 5520 running 8.2.5.

View 8 Replies View Related

Cisco WAN :: WS-C2960G-48TC-L - Etherchannel Interfaces In Suspend Mode

Sep 4, 2011

I configured an Etherchannel two interfaces (Gi0/37 and Gi0/39) in a CiscoWS-C2960G-48TC-L, which is connected to an HP Blade, where they spend 2vlan (16 and 17). The point is that they got these interfaces on a trial and upload these were in sleep mode produces the following log.
 
Sep 1 16:04:38.649:% EC-5-CANNOT_BUNDLE2: Gi0/37 is not Compatible with Po1 and Will be suspended (trunk mode of Gi0/37 is dynamic, is Po1 trunk)
Sep 1 16:04:38.733:% EC-5-CANNOT_BUNDLE2: Gi0/39 is not Compatible with Po1
and Will be suspended (trunk mode of Gi0/39 is dynamic, is Po1 trunk

View 7 Replies View Related

Cisco Firewall :: ASA 5520 - Create Network Object For Range Of Hosts?

Oct 25, 2011

I'm migrating our network objects from our current firewall to a new ASA 5520 configuration. I'm using ASDM 6.4 for configuration.
 
We have a range of IP addresses for hosts that we need to add to a firewall rule/ACL. In the previous FW software I could create an object that was a range of IP address. For example there is an object called emailservers that is defined as 192.168.2.25-192.168.2.50.
 
Is there a way to do a similar thing on the ASA 5520?
 
I can see how to create subnets, but in this case I only have a range of IP addresses, no subnet mask.

View 1 Replies View Related

Cisco Firewall :: 5520 Running 8.4(2) - Setup Active / Standby Failover

Jan 30, 2012

I am trying to setup an active/standby failover with 5520's running 8.4(2) and am having problems with it not dropping connections during the failover. I am using a portchannel from the switch to each ASA and using sub-interfaces off that. I'm using the command Failover mac address Port-Channel1 “mac-address on primary Port-Channel1” “mac-address on standby Port-Channel1”.The command goes through but doing a show interface port-channel1 doesn't show a change in the mac address on the secondary unit after a failover when it becomes active.

View 3 Replies View Related

Cisco Switching/Routing :: 2800 / Does ISR G2 Support Etherchannel Over Integrated Interfaces

Dec 20, 2011

I remember I did that one time on 2800 router with Gi0/0 and Gi0/1 to connect another port channel in 3560G switch. I have no way to try it in ISR G2 router like 2900 or 3900 now. I know the the ethernet switch module must support it. I wonder if the integrated interfaces support it or not.

View 5 Replies View Related

Cisco Switching/Routing :: 3560x To Create Layer 3 EtherChannel

Jun 10, 2013

Is it possible to to build a Layer 3 ether channel from two separate physical switches (layer3) that are trunked together?I know you can easily do this on a single switch and on stacked switches which I've done but in this case the customer have purchased two 3560X's which are not stackable yet want redundancy. The purpose of the etherchannel is to connect both switches to a private circuit provided by the hosted partner then route to the same setup in the DR location to different subnets.

View 4 Replies View Related

Cisco Switching/Routing :: Create 2x10G Etherchannel On 4948?

May 24, 2012

I would just like to confirm if it is possible to create a 2x10G etherchannel on a 4948.

View 4 Replies View Related

Create A New Security Code For Wireless?

Jun 24, 2011

how do I create a new security code

View 3 Replies View Related

Networking :: K15. HP Code Running It With 5400

Dec 13, 2012

I need to update code on my 5400 class HP Procurve's,We think we have ID'd that as what we want to move to, any large # of 5400 and 3500's out in the world on that code, or on another code because they ID'd this as bad

View 8 Replies View Related

Cisco :: 4402 WLC - Possible To Bring Up 3rd Controller Running Old Code

Apr 3, 2012

I have 2 4402 WLC running 7.x.x.x code. I also have some 1510 Mesh- L WAPs that require an old version of code. I need 4.1.192.22M for those. Is it possible to bring up a 3rd controller running this old code with the other 2 4402's running modern code? What will break? I know that anchoring and mobility might get messed up. What are the other caveats?

View 2 Replies View Related

Cisco Firewall :: Create Local User In ASA 5520 To Allow User To Use ASDM In Read-Only Mode?

Oct 10, 2011

I want to create a local user in my Cisco ASA 5520 to allow the user to use the ASDM in Read-Only mode. I want the user to view the Dashboard only.

View 1 Replies View Related

Dell Laptop Error Code - 0x80070005 Running Windows 7

Jul 6, 2011

I have a new Dell laptop inspiron runningwindows7,I get a error message when I try to access folders on network computer, a classroom network.

View 6 Replies View Related

Cisco WAN :: Create QOS Profile On 4507R With SupIVs Running 12.2(54)?

Oct 14, 2011

I have a requirement to guarantee 100Mb of bandwidth over my WAN for a particular protocol.I've noticed on the 4507R (running 12.2(54)) that I am unable to config a class-map with "match port" (my protocol is not listed so i cant use match protocol").
 
So instead I've created an ACL with the source of the traffic I wish to guarantee.  Next, I've created a policy-map, only to find that I am unable to specify "bandwidth".
 
tell me how I could create a QOS profile, on a 4507R with SupIVs running 12.2(54), in order to guarantee 100Mb to a specific subnet (or vlan, or ideally specific protocol).

View 1 Replies View Related

Cisco Firewall :: Configuration Migration From ASA 5540 Running 7.2 To 5525X Running 9.1

May 7, 2013

I need to replace an existing ASA 5540 with a new ASA 5525X. I would like to pre-stage and configure the new box with the existing config, migrate license and export certificate files before swapping it with the old one during a change window. The new firewall will run 9.1 on deployment. Now the same 7.2(4) cannot just be copied over to 5525X running the minimum 8.6 version. There is a Web based tool available at [URL] according to Cisco documentation but the page does not load for me (Cisco intranet only tool ?). Is there another tool for automatic conversion ?

View 3 Replies View Related

Cisco :: Create Profile That Will Allow Show Running Config But Not Configure Terminal

Oct 10, 2011

In our company we use the ACS 5.and i have a small problem, what we need to do is.create a profile that will allow SHOW RUNNING CONFIG but not configure terminal.i am investigating and im a littel bit lost i have created a new group but i dont see any option to put permissions.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved