I have an ASA 5510 and I can not configure fine.
My problem is that I have 10 public address connected to ASA and each public address is redirectioned to an internal IP address.
An of these public address is the ip address of mi ASA.
how to configure and access-list and an NAT, the others I will configure.
interface Ethernet0/0
description Interface_WAN_World-Ttrends
speed 100
duplex full
nameif outside(code)
This is my first time to use the Cisco ASA 5500 family. I have a request from a user to create an access rule, to allow all LAN traffic to Destination IP address 165.241.29.17, 165.241.31.254 with Destination TCP port 5060,5061,5070 and UDP port 50000-52399.
View 9 Replies View RelatedI'm having a problem configuring an ASA 5510. A previous employee started the config and left abruptly. He established a VPN Tunnel between two of our sites and that's working without an issue. The problem is, the network behind the 5510 at the remote location cannot access the internet.
ASA Version 8.2(1)
!
hostname PH-Firewall
domain-name pleasehelpme.com
enable password HXrQty4kqW8s8yeE encrypted
passwd ucA.qrYJWD9UyIFz encrypted
names
[code]....
I am confiuging a DMZ on my ASA 5510 but I have run out of physical ports, since I have dual Wan ports configured. I plan to implement a DMZ using subinterfaces. I have 2 questions:
1) Do I need to configure a Vlan to complete this task?
2) Do I need to re-configure the other interfaces for subinterfaces and/or vlans as well?
I'm trying to configure an asa 5510 8.2(1)?I have a range of pub ips 3*.108.234.145-150
>>> E0/0 3*.108.234.146 outside public
>>> E0/1 192.168.1.1 inside
>>> E0/2 192.168.3.1 dmz
would like to map dmz host 192.168.3.107 to external 3*.108.234.147 on port 5000 and 50001 LOCAL LAN should also be able to get to dmz host ports.i've tried a few configs and also following this example:
[URL]
without any luck, here is my config, also posted the out put of show arp which is able to see and ping the host on dmz, also the output of show access-list which shows hits to it.
prophase-pix(config-if)# show running-config
: Saved
:
ASA Version 8.2(1)
!
hostname prophase-pix
enable password encrypted
[code]....
I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
HQ-ASA-01# show running-config
: Saved
:
[Code]......
I am absolutely new in the enterprise firewall world but I would like to start learning how to configure ASA 5505 and 5510. I did some research myself and I found that the material or the topic itself is a huge adventure (lots to read and understand). My company uses IOS versions until 8.2 due to the differences in the NAT-ting rules with 8.3 and 8.4.
View 1 Replies View RelatedI need to allow connection from IPHONE (in Internet) to connect Exchange on private network, synchronising with activesync (https) We have a microsoft TMG on frontal (inside network)
What is the method to parameter CISCO ASA using clientless access: Port forwardind? smarttunnel, web proxy? Nat?
i want the activesync request to cross ASA to go directly on TMG without asking password and user
I recently bought an all brand new ASA 5510 and it is here by my side. I'm trying to configure it but when entering https://192.168.1.1/admin I get Page Not Found error on IE. I'm able to ping 192.168.1.1 and have success telnet 443 port.
View 13 Replies View RelatedHave a new ASA 5510 connected to the laptop via console. I need to load the IOS and the configure from another ASA. I have tftp client on the laptop. Do I just need to set the inside IP to the same subnet as my laptop? Will I need a crossover cable?
View 1 Replies View RelatedI have 2 ASA5510-SSL50-K9, can I configure HA Failover ?
View 7 Replies View RelatedI am unable to see 4th interface on my firewall i.e fastether0/3 on my firewall ASA 5510.
Below is the output.
ciscoasa# sh int ip br Interface IP-Address OK? Method Status Protocol Ethernet0/0 x.x.x.x YES CONFIG up up Ethernet0/1 x.x.x.x YES CONFIG up up Ethernet0/2 unassigned YES unset administratively down down Internal-Control0/0 127.0.1.1 YES unset up up Internal-Data0/0 unassigned YES unset up up Management0/0 192.168.1.1 YES CONFIG up up
I have a few devices that the manufacturer told us we have to set with a public IP (No Natting) We have Internet ->ASA5510-> Switch 3550 with 3 vlans. Up to now we have always use Natting to configure internet access to specific devices. I heard setting up a witch with one VLAN connected to the internet and all other internals is a bad idea. that was the only Idea we had.
View 3 Replies View Relatedhow to configure ASA 5510 anti X edition ? Can I have a link explaining the configuration step by step ?
View 2 Replies View Relatedi have a cisco asa 5510 and would like to add a NAT rule for a range of ports like 50000-59999
View 15 Replies View RelatedI have to configure a default-factory firewall (ASA 5510) in a simple scenário like this image represents:At this moment i have configured the interfaces as represented above and at this moment what i want is grant access from a LAN computer (10.10.0.0/24) to the internet.
Should i configure some acl? I read that all traffic from an interface with a superior security level to other interface is allowed, so since my inside interface has a security level of 100 and the outside 0, it should be possible access to internet from an inside computer?!
From all configurations and examples i have seen around, they all contemplate a fixed IP address from the ISP, but in my scenário i have a dynamic one. This fact matter for the configuration i want to do?
My firewall is running the software version 8.2(5).
Cisco ASA 5510 and I want to configure it as an access gateway following this .[URL] the basic configuration steps on what to do on ASDM.
View 2 Replies View RelatedI have inherited an asa 5510 whit 4GE SSM module installed. The asa runs fine, but i can not use the 4GE SSM ports. Using ASDM or console i can get and configure the gigabitethernet1/x ports but i can not get traffic on it. The ping from the console to the ip address of the Gigabitethernet1/0 is successful. On switches or hubs connected to those ports i can not see the port's mac address. The two Internal-data0/0 and Internal-data1/0 are down and i can get they up. How to configure 4GE SSM or ASA internal-data ports.
View 8 Replies View RelatedIs it possible to import the config of a 5510 to a 5520. Trying to replace two 5510's with 5520's and wondering is there a way import the existing config files for the 5510's into the 5520's?
View 3 Replies View RelatedI follow the steps according to the basic settings provided by Cisco Support forum, but still failed to access the internet,
ASA5510# sh run: Saved:ASA Version 8.2(1)!hostname ASA5510domain-name xxx.comenable password passwd names!interface Ethernet0/0 nameif outside security-level 0 ip address x.x.x.x 255.255.255.248 ospf cost 10!interface Ethernet0/1 nameif inside security-level 100 ip address 10.161.9.14 255.255.255.0 ospf cost 10!interface Ethernet0/2 no nameif no security-level no ip address!interface Ethernet0/3 no nameif no security-level no ip address!interface(code)
How to config RDP to internal host from outside. With new OS, unable to configure RDP having issue with NAT commands are different.
View 1 Replies View RelatedI have one Cisco ASA 5510 with 2611 router two 2960 switch how to configure.
View 1 Replies View RelatedI am wondering if this is possible. We have multiple internet connections with fixed IP's coming into the office. We'd like to use one for FTP backup and another to service our websites. From what i have read a 5510 doesn't do policy based routing, but we'd like to configure our ftp server to use one of the internet pipes and our webserver to use another internet pipe. Is that possible?
We'd have two outside fixed IP interfaces and two internal interfaces. I could then use one of the internal interfaces for the web server and the other for the FTP server. consequently if the internal web server and FTP server use the fixed IP"s corresponding DNS server wouldn't that effectively route all FTP traffic out one interface and all web traffic out the other?
Then the FTP traffic would be NAT'ed to an internal interface and the HTTP & HTTPS traffic would be NAT'ed to a separate internal interface.
Then if each of the internal servers used the corresponding internal NIC on the ASA as it's gateway and the fixed IP's that correspond to the external DNS server, then it would affectively only use that gatway out for traffic? Would that work? Does it should route traffic out those pipes correct? Will the asa support two different next hop routers for the two different interfaces?
I have not worked with ASDM in a while. I have a 5510, with asdm-645.bin in the flash. The device runs version 8.4(2). I can download ASDM from the http interface of the firewall from the management interface. But I can not log in. I have used blank username and password, no username and enable password, blank username with enable password and a few other permutations. I then tried to connect to the asdm interface from inside also. But I can not connect. Needless to say, I have enabled http, and updated the http access-list. The only logging I have enabled is buffered. Is there any configuration that I am missing? Shall I cut and past the config?
View 4 Replies View Relatedwhen I try to run debugs on a pair of our firewalls. Error Message: ERROR: No memory for debug trace buffer. Debugs not available..Cisco ASA 5510 8.2(5)
View 1 Replies View RelatedMy client has had to replace their ASA 5510. Upon importing the image to the brand new ASA they are unable to write to the flash.
They have run fcsk disk0: to no avail. show file system show 0 and 0 for Flash size and Free space on disk0.
Is there anything that can be done, short of formating flash and trying to reinstall the image? I have asked them to reload the ASA but they are reluctant to do so as they don't want the site to lose connectivity.
When i tried to login through ASDM at Cisco ASA 5510, it ask for the username and password and after that nothing comes up. I am able to login through ssh. [code]
As per my knowledge show bootvar and show version, should shows the same IOS version. But here it's showing different. Is asdm-523 is compatible with IOS asa708.
I got a situation here for Nat-ed IPs i configured. I expected to open some ports on the interface to allow certain traffics to pass through, yet there are some of them are failed. Down is my current config.
object-group service DM_INLINE_SERVICE_1
service-object icmp
service-object tcp destination eq https
[Code]....
The only ports opened are 443, www, 3389 while ports domain, 5061,3478,3389. how to open domain, 5061, 3478, and 3389 ports on my ASA .
We have configured ASA 5510. We have configure Ethernet 0/0 ( Outside ) connected with ADSL line and Ethernet 0/1 ( Inside ) Local LAN. we have configured NAT and all the traffic is passing through outside interface. Now we have connected ethernet 0/3 ( leasedline ) interface with static public IP. Now we want to allow SMTP traffic to pass through from this interface.
How to configure it if we want our local lan SMTP traffic sending through new leased line ( Static Public IP ).
i have an issue with ASA 5510.
I connect to the device - https:/interface
I see the options such as download launcher etc.
But.. whenever I click on this I get stuck
Internet Explorer gives "page not found"
Or at the foot of the page it says "unable to download statup_lr"
Firefox says cannot connect
It is running 6.2.5.53
I can connect if I go to a PC where I have already downloaded the ASDM launcher (from many years ago)
Tried Win 2003, 2008 and Vista, and Windows 7
Tried downgrading to Java 6 r 7. Can I download the launcher from the Cisco website rather than the device? If so where?
We have two ASA5510s, each with outside interfaces to the same two ISPs (different IP addresses within the same subnet, of course). Both ASAs allow ICMP on all (inside and outside) interfaces. One ASA's default route is to ISP-1 and the other is to ISP-2. We can ping the default gateways for both ISPs from only one ASA. From the other ASA, we can only ping the default gateway for the default route but not the other. The pings originate from an inside client, first configured with the default gateway for ASA-1, then for ASA-2. Why does this happen, how do I troubleshoot something like this and how do I fix it?
View 1 Replies View RelatedThis problem applies (in my case) to our ASA5510. The issue here is that the http service on the ASA is runnnig off of the standard port 80. Login to the firewall and run the following.no http server enable http server enable 8080,Now you should be able to add a NAT/PAT on port 443 to another server of your liking. Just remember when you attempt to use ASDM to manage the ASA in the future to specify the new port 8080.
View 1 Replies View RelatedI have an ASA 5510 working in Routed mode for a company with the following networks. everything works fine as desired. Below are the interfaces, security and ip addresses .
Ethernet0/0 DC_SERVER security-level 100
ip address 172.16.11.12 255.255.255.0
Ethernet0/1 Branches security-level 50
[Code]....