Cisco Firewall :: How To Configure 5520 To Resolve Names In ASA

Feb 4, 2013

How to configure ASA 5520 to resolve names in ASA's. We are currently using ASDM to configure network objects with the hostnames in the internet and then specifying the IP address . But this is done manually. Is there a different way of setting it up on ASA. Also when getting reports from ASA, we see the IP's but is there a way that we could add an identity to the IP's (reverse lookup)

View 1 Replies


ADVERTISEMENT

Host Names Do Not Resolve With Right IP Address

Nov 30, 2011

where the host names do not properly resolve with the right ip address.Example, I ping a host name, it gives me an IP, but when I VNC into the workstation, it is a totally different host.

View 2 Replies View Related

D-Link DIR-655 :: Local Names Don't Resolve On New Cascaded

Jul 15, 2011

1. I have a DSL modem + wireless + router
2. I have a Vonage phone that taps into one of the LAN ports
3. I have DIR 655 router that taps into one of the LAN ports
4. I have NAS that taps into one of the DIR 655 LAN ports
5. I have Printer that taps into one of the DIR 655 LAN ports
6. I have a BD Player that connects to DIR 655 through wireless.

All my components that are tied to DIR-655 resolve through IP address. I would like to have the resolution through host name as it works with my first router (DSL Modem / Router). Identifying components with IP address is not only inconvinient in terms of reading / recognizing my components but ther could be other issues. I am not very techie on the networking side but I do have some basic knowledge.

View 6 Replies View Related

Cisco Firewall :: ASA 5520 - Unable To Resolve External Hostname Internally

Jul 1, 2012

I am working on adding a mapping to our external address for our mail server - let's call it mail.example.com
 
I would like to be able to access mail.example.com internally for our user's smartphones - if they access our company WiFi they are not able to get mail using the mail.example.com as the server name in their phone setups.  However, once they leave the office and use any other WiFi it works fine. Also, I am unable to ping that address from any internal device.  I believe also this is the reason Exchange accounts do not work on our site to site VPN connections.
 
I have a ASA 5520 and work primarily in the ASDM 6.4 to do configurations in the main office and have 5510 in our site to site connections.

View 6 Replies View Related

Cisco VPN :: 5520 - Cannot Resolve DNS In Windows 7 X86 SP1 With 5.0.07.0290

Jun 23, 2011

I am unfortately the only IT staff now for 100 - 150 users in my organization besides a consultant who doesn't have an answer for this issue even though he sold us the hardware and environment. While I realize that this version of the Cisco VPN doesn't support Windows 7, we do have some Windows 7 PC's that have the software and work perfectly fine upon install. In this case, I am at a remote location with both a Windows XP SP3 and Windows 7 SP1 computer. Both have the same Cisco client installed and connect to our ASA5520. I cannot get DNS resolution out of this computer to any remote network resources or other domains such as cnn.com including localhost. Adding the entries manually in the hosts file does nothing and I even tried removing the VPN client, the network connections and components and even a manual winsock reset. I cannot resolve internet DNS but can ping all internal IP addresses. The Windows XP computer across from me has no issues. I am not going to update any VPN clients as we still don't have computers who are functional so I need to spend money where it counts before I upgrade computers and I cannot perform a downgrade on this model because the previous person who bought it didn't bother to check Windows XP compatibility before they installed them in 10+ communities.
 
Here's my IP config - FYI all works well when not connected to the VPN for general web domains.
 
C:UsersAdministrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : GHN-Green-S01   Primary Dns Suffix  . . . . . . . :

[Code].....

View 2 Replies View Related

Cisco Firewall :: ASA 5520 - Configure QoS

Mar 10, 2011

We have Cisco ASA 5520 firewall. ASA Version - 8.0(4). ASDM Version - 6.1(3). Firewall Mode - Routed.
 
We want to configure QoS for some subnets and enable policing such that they cannot use more than 1mb of bandwidth. I think we cannot create more than 1 policy for it. In that case i created a policy with QoS enabled and configured the Input and Output policing with Commited Rate of 1024000 bits/second. But it does not seem to work.
 
how can i create such policy in the ASA to limit certain subnets to 1mb bandwidth ?

View 1 Replies View Related

Cisco Firewall :: Configure ASA 5520 With 2 ISP?

Mar 18, 2012

i'm trying to configure an ASA with two ISP to be reached from internet for vpn access, the objective is that the user can use any of the Public address attached to ASA to connect to the company. Is this possible? i'm facing some problems because i can not use two different default routes (same AD) pointing to two different interfaces, this is the message that i receive "ERROR: Cannot add route entry, possible conflict with existing routes" and when i change the AD of one of the default routes i just can reach one ISP.

View 1 Replies View Related

Cisco Firewall :: Configure Sub-interfaces In ASA 5520?

May 23, 2012

I have a cisco ASA 5520 that i'm configuring.From the actual Firewall (with is a linux server), we have the outside interface eth0 with has a public IP and other sub-interfaces (eth0.1; eth0.2,...) with others publics IPs.I'd like to know how I can configure it in an ASA

View 7 Replies View Related

Cisco Firewall :: How To Configure Identity In ASA 5520

Nov 4, 2011

i have an ASA 5520 with ios 8.4 and asdm 6.4.
 
my configureation is below 
my asa interfaces 
inside ip
172.16.0.0/22

[Code]..... 
 
so now i want to configure my asa to give access to user based. what configurations should i use to do so.
 
i have attached the Edit Active Directory Server  dialuge box so what should i put there in the box's

View 1 Replies View Related

Cisco Firewall :: ASA 5520 Active Standby And IPS Configure

Mar 3, 2013

I have two ASA 5520 version 8.2 in active Standay Mode. What is a good practice to setup IPS AIM ssm-20 for this setup.
 
Is IPS should be in Fail-Open or Fail-Close mode ?
 
Is Mangement ip for both IPS module should be same or diffrent. ?

View 6 Replies View Related

Cisco Firewall :: Configure ASA 5520 In Transparent Bridge Mode

Sep 20, 2012

I am new to cisco ASA. I need to configure ASA 5520 in transparent bridge mode. [code] I need to place the new asa firewall in transparent mode. How to configure the firewall in transparent bridgmode.

View 5 Replies View Related

Cisco Firewall :: Configure Secondary IP On Inside Interface Of ASA 5520?

Nov 24, 2012

We already have a subnet defined to inside interface and is in produciton. the default gateway is this interface ip. In that setup now I have to add one more subnet and as the first subnet is been defined in ASA indside interface, I have to assign secondary Ip to the inside interface so that new subnet users can easily reach here and go outside.

View 1 Replies View Related

Cisco Firewall :: Configure ASA 5520 To Send SNMP Trap?

Apr 16, 2012

Below is my config for IP SLA.  I would like a SNMP trap to be sent when my primary fails over to my secondary and so on.
 
sla monitor 20
type echo protocol ipIcmpEcho 100.X.X.1 interface INET-FIOS150
num-packets 2

[Code].....

View 4 Replies View Related

Cisco Firewall :: 5510 To 5520 Configure File Transfer?

Jan 3, 2013

Is it possible to import the config of a 5510 to a 5520. Trying to replace two 5510's with 5520's and wondering is there a way import the existing config files for the 5510's into the 5520's?

View 3 Replies View Related

Cisco Firewall :: ASA 5520 - How To Configure Logging For Remote Access VPN

Apr 16, 2012

i have cisco ASA5520 and i have a remote access vpn .I want to configure logging for this remote access vpn.
 
i want the time user connected .how log it is connected .If any error while connecting ?

View 4 Replies View Related

Cisco Firewall :: 5520 - Configure ASA To Show Up Hop In IPv6 Traceroute?

Jul 12, 2011

To show up the ASA as a hop in a traceroute, one can use the 'set connection decrement-ttl' feature in a policy map.During my tests I recognized, that this behaviour only affects IPv4 traffic.

An IPv6 traceroute still does not show the ASA as a hop.How can I configure the ASA to show up as a hop in an IPv6 traceroute?The ASA is a 5520 with v8.4(1) installed.

View 7 Replies View Related

Cisco Firewall :: Asa 5520 / Configure Two Static Nat Statements From Inside To Outside And Backup Interface?

Oct 16, 2011

I have a asa 5520 with an outside and backup interface. I am trying to configure two static nat statements from the inside to the outside and backup interface. Here is what I have configured so far.

object network obj-10.1.1.254
host 10.1.1.254
object network obj-10.1.1.254
nat (inside,outside) static 172.25.10.3
 
I want to also use nat (inside,backup) static 172.25.10.3

View 3 Replies View Related

Cisco Firewall :: 5505 DNS Does Not Resolve Inside DMZ

May 14, 2012

I have a 5505 that currently has inside/outside interfaces and everything is working just fine. I am trying to create a DMZ that will essentially be just for vendors/guests. the DMZ will have full access to the outside (Internet) but no access to the inside. I am using the FW for DHCP, and 8.8.8.8 and 4.2.2.2 for DNS. I currently have 1 laptop in the DMZ vlan, and it is getting a correct IP, and it is showing 8.8.8.8 and 4.2.2.2 in ipconfig. I can ping/tracert 8.8.8.8/ 4.2. 2.2/74.125.137.147(what url... resolved to on a laptop connected to the inside vlan), but I cannot ping nor browse to url.... [code]

View 1 Replies View Related

Cisco WAN :: 1841 Router Can't Resolve DNS After Enable IOS Firewall

May 9, 2013

my 1841 router can't resolve dns after enable ios firewall, I try to ping google.com from router's console fail, but dns resolution is fine from lan side.
 
my partial config---------------------------------
!
ip name-server 8.8.8.8

[Code].....

View 10 Replies View Related

Cisco Firewall :: Allow Dmz Zone Server To Resolve Only Dns Query Through Nslookup On ASA 5540

May 2, 2012

How I can allow dmz zone server to resolve only dns query through nslookup on ASA 5540? What is the configuration required on ASA 5540 ?

View 13 Replies View Related

Cisco Firewall :: ASA 8.4 DNS Names In Object-groups

Jun 8, 2011

Is it possible somehow to define externally administred DNS namese in ASA 8.4 in within object groups?i know that we can use name XXX, but some idea popped up using this kind of configuration.

View 3 Replies View Related

Cisco Firewall :: ASA 5505 - Local Host Names To DNS Server At Main Site

Mar 3, 2013

I ran into a very interesting problem that occurred today and I'm trying to figure out why it happened. If it was one ASA 5505 that just required the reboot, then I'd have just chalked it up to a glitch, but when we built a new AD/ DNS server on the main network at the main site and changed the 3 Remote site ASAs to point to the new DNS server in the DHCPD options, none of them could ping any local host names to the DNS server at the main site they were now pointing too, but external host names { URL} all translated and pinged fine.
 
From a laptop on one of the remote sites, we could ping the new AD/DNS server(192.168.0.3) and the old AD/DNS server(192.168.0.2) and everything else at the main site, and telnet to port 53 showed successful across the Easy VPN from the Remote site to the new server at the main site. When wire shark was added to the new DNS server at the main site, the DNS request and replies for {URL}, for example, came and worked fine, but any requests for local resources never made it to the server from the remote sites.
 
A reboot of one of the Remote Site ASA's corrected the issue. Then I rebooted the other two remote site ASAs, and now DNS was working fine for everybody. I had also tried clearing the ARP cache on the ASAs before resorting to rebooting them. I also tried rebooting the laptop thinking the local DNS cache needed cleared before resorting to rebooting the ASAs. I'm struggling to understand why external, public host names made it through and resolved from the remote sites to the new server at the main site, but anything local failed before even reaching the new server(The new DNS server could resolve requests made by computers at the main site, but the remote sites that traverse the Easy VPN from the ASAs failed).  The new AD/DNS server is the only server configured for DNS for all remote site computers.
 
Is any of this making sense? I'm wondering if clearing the x late or local host tables would have corrected it without having to reboot. I'm just trying to grasp the understanding here and figure out what happened.

View 5 Replies View Related

Cisco VPN :: Unable To Configure Anyconnect In ASA 5520

Feb 17, 2013

We have an ASA 5520 with two VPN profiles working fine.Since some users are now working with Windows 8, VPN clients for Cisco ASA is not able to connect.I have read there are problems for such VPN Clients in that OS, and I should use now Anyconnect for them to connect. I thought we had anyconnect working also, because some users can connect to a web page they can do some kind of connections to internal servers, (web, telnet, rdp, etc) so I installed cisco anyconnect VPN client in a laptop and try to connect (same IP and port I used for that web page) but after signing I get the message AnyConnect is not enabled on the VPN Server.So I tried to follow a configuration guide for Anyconnect, but there's a step in which I am trapped, these are the steps: Click Configuration, and then click Remote Access VPN.

View 7 Replies View Related

Cisco Switching/Routing :: Best Way To Configure NAT ASA 5520?

Jun 21, 2012

If I have an ASA 5520 with an INSIDE interface, a DMZ interface and a WAN interface what would be the best way to configure NAT? If I configure nat-control and a nat (inside) 1 0.0.0.0 0.0.0.0 this will configure everything to be NAT'd when passing from the INSIDE interface out.My question is what about the devices I want to access in the DMZ from the inside for management etc? I'm guessing the ASA isn't smart enough to realise you're accessing hosts in it's DMZ interface so do you have to configure a nat 0 rule for every subnet within the DMZ you want to access or is there an easier way to do it? It's worth noting that the same devices will be accessing the OUTSIDE network and the DMZ network from the INSIDE network.

View 6 Replies View Related

Cisco WAN :: Configure Traffic Between 2 Networks In ASA 5520?

Apr 16, 2013

I have a firewall ASA 5520. In this time I have connected 3 networks (192.168.1.0 INSIDE, 192.168.2.0 INSIDE2, 10.0.1.0 OUTSIDE). I follow the article [URL] to configure my firewall, but the ASA no permit  traffic (ip, udp, icmp, etc) between the networks.
The configuration that i have is:
 
ASA Version 8.2(1)
!
hostname Firewall
domain-name xxxxxx.com

[Code].....

View 1 Replies View Related

Cisco VPN :: ASA 5520 / Configure VPN For Blackberry Playbook

May 23, 2011

I am trying to connect to VPN using Blackberry Playbook. how to configure this VPN using ASA 5520.

View 1 Replies View Related

Cisco VPN :: Configure Remote Access VPN In ASA 5520?

Jan 22, 2013

I am trying to configure Remote Access VPN in our Cicco ASA 5520 firewall through SSL VPN wizard. I tried to configure Anyconnect VPN client option, but after entering user/pass it gives error "An error was received from the secure gateway in response to the VPN negotiation request. Please contact your network administrator. The following message was received from the remote VPN device: No assigned address"

As looking online there is no easy step-by-step option for same. I want to provide Remote Access VPN to some of our user abroad who should have access to few server applications and no internet access.

View 8 Replies View Related

Cisco Firewall :: Different Between ASA-5520-K9 And ASA-5520-K8

Nov 2, 2012

We were using ASA-5520-K9 with  ASA-SSM-AIP-20-K9 but recently found some hardware problem in our running ASA. Now cisco want to replace with ASA-5520-K8.

View 1 Replies View Related

Cisco :: Configure NAT For Internal SMTP Server In ASA 5520

Sep 21, 2012

I need to configure my ASA 5520 version 7.3 firewall to translate our SMTP server residing in local LAN to use different IP address from the outside interface which is used by all other computers to access Internet. Under NAT section, I have NATted this internal SMTP server with different IP address(eg x.x.x.1) and also translated the remaining IP addresses in the LAN to the outside interface(eg x.x.x.2)

my problem is, Whenever i check the header for message coming from the smtp server it shows that, the SMTP server is also translated by using the same outside interface public ip address(i.e x.x.x.2) which is used by other client machine to access internet instead of the x.x.x.1. How I can get my SMTP server to use separate IP and avoid to be blacklisted by some domain.

View 4 Replies View Related

Cisco :: Configure NAT For Inside SMTP Server In ASA 5520

Sep 20, 2012

I need to configure my ASA 5520 version 7.3 firewall to translate our SMTP server residing in local LAN to use different IP address from the outside interface which is used by all other computers to access Internet.

Under NAT section, i have NATted this internal SMTP server with different IP address(eg x.x.x.1) and also translated the remaining IP addresses in the LAN to the outside interface(eg x.x.x.2)

my problem is, Whenever i check the header for message coming from the smtp server it shows that, the SMTP server is also translated by using the same outside interface public ip address(i.e x.x.x.2) which is used by other client machine to access internet instead of the x.x.x.1.

how i can get my SMTP server to use separate IP and avoid to be blacklisted by some domain.

View 3 Replies View Related

Cisco VPN :: ASA 5520 - Configure VPN To Dual Remote Endpoints

Dec 13, 2011

Not sure if my subject is a good decription of the problem or not.
 
I have an ASA 5520 at my home office and a SonicWALL NSA2400 at my remote office.  The remote office has dual internet connections and I wanted to create two seperate VPNs between the devices using each internet connection on the SonicWALL.
 
I know how to configure this on the SonicWALL, the problem is on the ASA 5520
 
OK Basic network config
 
Main Office

ASA Public IP 1.1.1.1

ASA Internal network 192.168.1.0 (VPN source)
 
Remote office

Public IP 1     2.2.2.2

Public IP 2     3.3.3.3

Iternal network 192.168.2.0 (VPN destination on ASA)
 
If I have a VPN from the main ASA to either one of the SonicWALL's public IPs everything works fine

If I create 2 VPN tounels from the main ASA, 1 to each public IP on the SonicWALL, the VPN shows as up but no traffic flows.

View 1 Replies View Related

Cisco Infrastructure :: Configure MAC Address On ASA 5520 Interface?

Aug 31, 2006

I want to configure a MAC address on my asa 5520 interface.I ask you if exist a private MAC address range?

View 5 Replies View Related

Cisco VPN :: 5520 Configure Intra Interface Command To Enable Connectivity Between Remote Clients

Feb 3, 2013

I'm working with AnyConnect for the first time (my prior experience is with IPSec client) and I have multiple remote users who connect to a 5520 via AnyConnect client; they need to print to each others' shared printers but currently have no connectivity between each other.
 
Can I configure the 'intra-interface' command to enable connectivity between remote clients, or is there more that needs to be done to enable this, presuming that it can be done at all?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved