Cisco Firewall :: How To Configure PAT On ASA 5545x
Nov 15, 2012Do you know how to configure PAT on Cisco ASA 5545x?
View 2 Replies
ADVERTISEMENT
Cisco Firewall :: How To Upgrade From ASA 5520 (8.2.5) To ASA 5545x
Feb 11, 2013Due to increase of demands on our ASA cluster, we need to upgrade to a new cluster of 5545x. Our current config contains a lot of S2S & NAT
View 1 Replies View RelatedCisco Firewall :: ASA 5545X And Two ISP Load Balancing
Mar 2, 2013I have two Internet connections which are connected to two ISR 2951s. Also I have two ASAs 5545-Xs, which I want to use in Active/Active failover mode with multicontext. The question is: how can I configure ASAs to perform ISP load-balancing as well?
View 4 Replies View RelatedCisco Firewall :: ASA 5545X OSPF Failover?
Jan 21, 2013I have two switches and two ASA in active/standby as connected below. These devices are running OSPF 128 in one area (Area 0).I'm pinging from both laptops to each other both ways. The ASA has the latest "8.6.1-5" image. I've configured the firewall failover polltime to 1s with holdtime of 4s. Pings both ways OK.
<LAPTOP> IP:10.112.132.10/24
| [ACCESS PORT VLAN10]
/ <SWITCH> [SVI VLAN10: IP:10.112.132.1/24]
/ [SVI VLAN20: IP:10.113.128.11/28]
.12 / [ACCESS PORT VLAN20] .13
[code]....
I fail the primary firewall (ASA-ACTIVE). I get a 4 seconds ping loss which is expected (holdtime) however after 10 seconds of pings I get another outage which last anywhere between 5 and 15 seconds. I've done a fair amount of debugging and I did notice that the second outage occurs with the OSPF neighbor goes from "loading" to "full". This doesn't make any sense because the routing table is fully populated when going to “full”.
When perfoming a manual fail back (type failover active on ASA-ACTIVE), pings goes on for approximately 10seconds and then an outage between 5 to 15 seconds. Agsin this outage occurs when OSPF neighbor goes from "loading" to "full".I've tried debugging on the switches and found nothing.
Cisco Firewall :: 5545x - Create NAT From Outside To Inside Using Services?
Nov 21, 2012Do you know how to create a static nat from outside to inside and using services, this is a firewall 5545x
View 9 Replies View RelatedCisco Firewall :: How To Configure Firewall Access For ASA 5510
Nov 4, 2012This is my first time to use the Cisco ASA 5500 family. I have a request from a user to create an access rule, to allow all LAN traffic to Destination IP address 165.241.29.17, 165.241.31.254 with Destination TCP port 5060,5061,5070 and UDP port 50000-52399.
View 9 Replies View RelatedCisco Firewall :: How To Configure PBR For ASA 8.4
Aug 12, 2012We heard that ASA ver 8.4 has PBR. Do we have some guidelines on how to configure PBR for ASA and can it do routing based on URL?
View 2 Replies View RelatedCisco Firewall :: How To Configure ASA Failover For 8.4
Nov 23, 2011How to configure ASA failover for 8.4.
View 1 Replies View RelatedCisco Firewall :: How To Configure ASA 5510
Sep 11, 2011I'm having a problem configuring an ASA 5510. A previous employee started the config and left abruptly. He established a VPN Tunnel between two of our sites and that's working without an issue. The problem is, the network behind the 5510 at the remote location cannot access the internet.
ASA Version 8.2(1)
!
hostname PH-Firewall
domain-name pleasehelpme.com
enable password HXrQty4kqW8s8yeE encrypted
passwd ucA.qrYJWD9UyIFz encrypted
names
[code]....
Cisco Firewall :: Configure Dmz On ASA5505
Dec 20, 2011I have a asa 5505 Sec plus with 3vlan, inside, outside and dmz.
On the outside i have 5 ip's for my use, and in the dmz i have a webserver that need to communicate with one sql server on the inside.
The "sql" also needs to be accessible from outside and thus has a static nat with a dynamic nat so it replies from same ip as on nat ie 72.72.72.5 webserver is natted with 72.72.72.6
sql inside ip is 192.168.1.2, gw 192.168.1.1
webserver ip is 192.168.2.100 gw 192.168.2.1
sec lvl on inside is 100 and on dmz 50
with a dynamic policy running inside-net/24 to dmz-network/24 translagt to dmz 192.168.2.2 i can get it to ping 1 way from inside to dmz, but not the other way around...
All i need is to open 1 port ie 6677 both ways for this communication to work.
I'm not very familiar with the CLI and do most stuf in GUI (know i should learn CLI, but time doesnt let me)...
on access rules i have just added everything from any to any using , ip, icmp, tcp and udp just to be sure... :-)
Cisco Firewall :: Configure DMZ On ASA 5510
Mar 3, 2013I am confiuging a DMZ on my ASA 5510 but I have run out of physical ports, since I have dual Wan ports configured. I plan to implement a DMZ using subinterfaces. I have 2 questions:
1) Do I need to configure a Vlan to complete this task?
2) Do I need to re-configure the other interfaces for subinterfaces and/or vlans as well?
Cisco Firewall :: ASA 5520 - Configure QoS
Mar 10, 2011We have Cisco ASA 5520 firewall. ASA Version - 8.0(4). ASDM Version - 6.1(3). Firewall Mode - Routed.
We want to configure QoS for some subnets and enable policing such that they cannot use more than 1mb of bandwidth. I think we cannot create more than 1 policy for it. In that case i created a policy with QoS enabled and configured the Input and Output policing with Commited Rate of 1024000 bits/second. But it does not seem to work.
how can i create such policy in the ASA to limit certain subnets to 1mb bandwidth ?
Cisco Firewall :: How To Configure ASA 5510 8.2(1)
Jul 25, 2011I'm trying to configure an asa 5510 8.2(1)?I have a range of pub ips 3*.108.234.145-150
>>> E0/0 3*.108.234.146 outside public
>>> E0/1 192.168.1.1 inside
>>> E0/2 192.168.3.1 dmz
would like to map dmz host 192.168.3.107 to external 3*.108.234.147 on port 5000 and 50001 LOCAL LAN should also be able to get to dmz host ports.i've tried a few configs and also following this example:
[URL]
without any luck, here is my config, also posted the out put of show arp which is able to see and ping the host on dmz, also the output of show access-list which shows hits to it.
prophase-pix(config-if)# show running-config
: Saved
:
ASA Version 8.2(1)
!
hostname prophase-pix
enable password encrypted
[code]....
Cisco Firewall :: Configure ASA 5520 With 2 ISP?
Mar 18, 2012i'm trying to configure an ASA with two ISP to be reached from internet for vpn access, the objective is that the user can use any of the Public address attached to ASA to connect to the company. Is this possible? i'm facing some problems because i can not use two different default routes (same AD) pointing to two different interfaces, this is the message that i receive "ERROR: Cannot add route entry, possible conflict with existing routes" and when i change the AD of one of the default routes i just can reach one ISP.
View 1 Replies View RelatedWindows XP Pro - How To Configure AVG Firewall
Aug 30, 2012I'm using windows XP Pro , in a local Lan, internet connection through a DHCP, and System software on IP 192.168.0.254. I'm the Admin of my PC, I just want to use the Internet and the System program. I want to block any user from accessing my PC or viewing my Processes by other programs like (Ideal Admin.). How to configure the AVG Firewall to do that ??
View 11 Replies View RelatedCisco :: Configure 1841 Router And Firewall?
Feb 11, 2013Configuring Cisco 1841 router and firewall.My provider has put their equipment and given me 2 subnets with public ip address. I am used to getting just one Subnet and connecting my firewall straight to the hand off. But in this case I am a bit confused. I assume I will need to put a router and configure it with before I connect my firewall. [code] I also have a firewall that I would like to be on the subnet 2 at 200.xxx.97.130 and have my private network 192.168.xxx.xxx behind it.
View 2 Replies View RelatedCisco Firewall :: Pix 515E Could Configure The Device
Oct 2, 2012We just switched over from a T1 line to 50/4 Mbps cable Internet. The speed was fine with the T1, but when we switched over to cable, the download speeds didn't increase. I'm getting 2-3 Mbps up and still only 1.5 Mbps down. I inherited this network a few years ago, so I didn't configure the Pix initially but I have been managing it and can't find a setting limiting the bandwidth for the liffe of me. I know it's not the Internet because when I connect a computer straight to the modem, the speed is great. As soon as I put it through the Pix though, it slows way down.
View 8 Replies View RelatedCisco Firewall :: Configure The ASA5510 In HA Mode?
Jun 4, 2012configure the firewall Cisco ASA5510 in HA Mode.Enclosed Network diagram.
View 14 Replies View RelatedCisco Firewall :: Configure Dual ISP On 5505 8.4
Mar 27, 2013I am attempting to set up failover dual ISP on a 5505 running 8.4(4) with the Sec Plus license. Everything i have been able to reference so far, points to old commands not available or relevant in 8.4
For instance:
global (backup) 1 interface
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 20.20.20.1 1
route backup 0.0.0.0 0.0.0.0 30.30.30.1 10
What is the new syntax that should be used to mimic these commands? I have the sla and trach reachability configuration already set up.
Cisco Firewall :: Configure SSH Only Access On PIX 506e
Mar 4, 2011How to configure SSH access on my PIX 506e. I would like to use local authentication with no AAA server. Also I would like to have telnet disabled completely.
View 3 Replies View RelatedCisco Firewall :: Unable To Configure RDP On Asa841k8.bin
Aug 5, 2011How to config RDP to internal host from outside. With new OS, unable to configure RDP having issue with NAT commands are different.
View 1 Replies View RelatedCisco Firewall :: Configure IPSEC Vpn On ASA 5505?
Mar 19, 2013I am trying to configure an IPSEC vpn on an ASA5505 I setup an SSL vpn and it works fine, I can browse to the https: address log in and connnect to servers However when I try to setup the ipsec client access vpn it will not connect and I am getting the errors below I used the wizard for the initial configuration Looks like the inital IKE is being blocked or dropped?
%ASA-7-710005: UDP request discarded from my external IP/35781 to external:ASA-external/500
%ASA-7-710005: UDP request discarded from my external IP/35781 to external:ASA-external/137
Cisco Firewall :: To Configure ASDM On ASA 5505
Sep 14, 2011I have a firewall Cisco ASA 5505, and currently it is a command line firewall. I want to configure ASDM so that i can use it as a GUI Web Base interface.I really don't know what to do. How can I configure ASDM on my firewall.
View 7 Replies View RelatedCisco Firewall :: Way To Configure Pim-ssm On Asa 5585x-ssm20
Aug 6, 2012if there is a way to configure pim-ssm on asa 5585x-ssm20.
View 1 Replies View RelatedCisco Firewall :: How To Configure ASA 5505 As DNS Server
Nov 15, 2011I want to configure my Cisco asa 5505 as a dns server, so that when i configure any of my network systems ip address and use my firewall as a default gateway and dns ip, the system should be able to browse internet.
View 5 Replies View RelatedCisco Firewall :: How To Configure A FWSM By ASDM 6.2f
May 11, 2012am trying to config a FWSM by ASDM 6.2f.there are formerly configured interfaces and new interfaces i created.when i add a new access rule it gets added only to all the old interfaces but not to the new ones i created.
1. what wrong with the new interfces i created?
2. whats the logic of auto adding a rule to "all" interfaces , the rules are incoming rules specific to interfaces or groups , why add the to the rule to "all" intefaces?.
Cisco Firewall :: To Set Up The Network And Configure 2504
Oct 2, 2011I am new in networking. All my knowledge is based on books and no real life experience.At my job I am required to set up the network and configure all apparatus I never worked,before with.We have regular cable internet in the office. Modem is connected to Apple router (time capsule). No trouble. Now we are getting fibre optic in the office. Mngmnt has abought the following Cisco:
Cisco Wireless Controller 2504
Cisco 3501 AP 802.11g/n Ctrlr based AP
Cisco ASA 5510 Firewall appliance
Cisco Power Injector AP3500 Series
Cisco Firewall :: Configure ASA 5515 To Allow FTP Server Behind It?
May 5, 2013We have one Cisco ASA5515 firewall, I configured ftp mode to passive, inspect ftp in service, use anoother public to do NAT with ftp server, and also configued ACL in outside interface, but I failed to access the ftp server from internet use that public ip address, no problem to acces the ftp server use its inside address in LAN.
View 9 Replies View RelatedCisco Firewall :: ASA 5505 Can't Configure Interfaces
Mar 20, 2012Got new ASA5550, code 8.2.2 in flash, can't configure "nameif" or "ip address" on the interfaces: [code] These are all the options that I get! Another weird thing I noticed is "<system>" string in "show ver" top line: [code]
View 2 Replies View RelatedCisco Firewall :: How To Configure ASA 5505 And 5510
Mar 18, 2012I am absolutely new in the enterprise firewall world but I would like to start learning how to configure ASA 5505 and 5510. I did some research myself and I found that the material or the topic itself is a huge adventure (lots to read and understand). My company uses IOS versions until 8.2 due to the differences in the NAT-ting rules with 8.3 and 8.4.
View 1 Replies View RelatedCisco Firewall :: Configure Policy NAT On ASA5510?
Apr 12, 2011how can I configure policy NAT on ASA5510. I would like to do the following;
9.1.1.9 NAT to 10.1.1.9
If source IP = 1.1.1.1
then NAT to = 10.2.2.9
the rest NAT to = 10.1.1.9
The issue is I want 1.1.1.1 NAT to 10.2.2.9 when access www.example.com. The rest NAT to current NAT.
Cisco Firewall :: How To Configure ASA 5505 With Different IP Address
Mar 25, 2013I have a test ASA 5505 at home. The DHCP IP address in my real home firewall is 192.168.1.x and as you are aware the default ip address in ASA is the same. how to configure the ASA.
In the link below there is an instruction, it seems it is working for everybody except me. I followed the instruction up and the only change was assigning the IP address, which I chose something other than 192.168.1.x But after the step of creating NAT, I do not have access to the internet. [URL] Also I followed the link below, but the revision of the ASDM in the instruction does not match with mine, so I was not lucky to figure the device.[URL]
1- How can I configure the ASA 5505 with an IP address different than 192.168.1.x (at home = no incoming static IP address = DHCP on subnet 192.168.1.x for the incoming internet)I have installed ASDM 6.3 on my laptop (From work) but when I connect to the ASA it wants to install ASDM 5.7.I tried to connect to the device through ASDM 6.3 and input the IP address 192.168.1.1It takes for ever and it does not connect to the device
2- How can I connect to the device by ASDM 6.3 or any ASDM with higher version than the original of the device?
Cisco Firewall :: Configure ASA 5510 For ActiveSync
Feb 28, 2012I need to allow connection from IPHONE (in Internet) to connect Exchange on private network, synchronising with activesync (https) We have a microsoft TMG on frontal (inside network)
What is the method to parameter CISCO ASA using clientless access: Port forwardind? smarttunnel, web proxy? Nat?
i want the activesync request to cross ASA to go directly on TMG without asking password and user