Cisco Firewall :: Use ASA 5510 Smart Call Home Feature For Automatic Backup Creation By Email

Feb 10, 2013

I am trying to use the built in feature of Cisco ASA 5510 smart call home feature with the purpose of automatic backup creation by email. I found the configuration [URL]. I already configured the said instructions but when I send a test email it says it cannot contact the email server. Below is the error that I am getting from our ASA. I am new to firewall.

OGI-MNL-ASA-FW0# call-home test profile ASA_Config_Backup
INFO: Sending test message to fcaccam@example.com...
ERROR: Connecting to SMTP server xxx.xx.xxx.xx failed: CONNECT_FAILED(33)
ERROR: Failed: CONNECT_FAILED(33)

View 1 Replies


ADVERTISEMENT

Cisco Switching/Routing :: Smart Call Home Usage On The ASA 5520 Or RHL

Jun 25, 2012

I'm trying to install a Gateway in Red Hat Linux to Cisco Smart Call Home Service, and reading about this in google, i find this info:Smart Call Home on the ASA This is much more simply to configure and operate.I want to know what solution is more recomended and why.

View 1 Replies View Related

Cisco Firewall :: ASA 5510 DMZ Creation

Nov 13, 2011

I need to implement a DMZ in my office. Before talking about the configuration , i would like to know best practises of implementing DMZ.My questions are,is traffic from inside to DMZ is permit by default?,What about DMZ to Inside traffic ?,Is it necessary to do a NAT from inside to DMZ with the same IP as of inside,What is the use of " static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0 ? is it a no nat statement?,Is it necessary to permit traffic from DMZ to inside?,Suppose i have a web server in DMZ, for inside host whether it will take path through ASA or path through internet?

View 17 Replies View Related

Cisco Firewall :: ASA 5510 - NAT Regular Translation Creation

Dec 4, 2012

I am having an issue with a specific server that is not reachable from other sub nets. Every other device on the same sub net as the server is reachable via the other sub nets. This server is special because it's NAT'd to an external IP address and has several site-to-site VPN's set up. The firewall is a Cisco ASA 5510.
 
This is the error I see on the ASA syslog when I try to ping the server from another sub net: 3 Dec 05 2012 10:58:49  10.0.15.101 regular translation creation failed for icmp src inside:10.0.20.8 dst inside:10.0.15.101 (type 0, code 0)          
 
The problem server is on sub net 10.0.20.0/24 and the server IP address is 10.0.20.8. Every device on the 10.0.20.0/24 sub net can hit the server, but devices on other sub nets cannot. For instance, a device on 10.0.15.0/24 cannot reach 10.0.20.8, but can reach other devices on 10.0.20.0/24.

View 1 Replies View Related

Backup Account Creation For Routers Through KiwiCat Tool?

Sep 11, 2011

My backup userid, password, privi 15 on all our company routers Say around 300 routers, it is difficult to log in each router and create a backup account, i heard from one of my friend that i can create a backup account and can upload thru the kiwicat tool and it will automatically creates my backup account on all the routers. Procedure to create this.

View 6 Replies View Related

Cisco Wireless :: Configure Automatic Backup On AIR-AP1131G-E-K9

Oct 10, 2012

we have a AP cisco AIR-AP1131G-E-K9 Version 12.4(10b)JA, and we would like to do automatic backup of CLI configuration to one server, and we dont know how to do.
 
For example: On router and switch we use this kind of configuration to do automatic backup: [code]

View 1 Replies View Related

Cisco Firewall :: ASA 5510 Does The Feature Content Filter Comes As Built In

Nov 11, 2011

In Cisco ASA Firewall 5510 does the feature content filter come built in?

View 1 Replies View Related

Cisco Firewall :: ASA 5510 - Does Feature Content Filter Come Built In

Jun 26, 2012

In Cisco ASA Firewall 5510 does the feature content filter come built in?

View 3 Replies View Related

Cisco Firewall :: Cannot Get RDP And Email Out Through ASA 5510 5520

Jul 24, 2012

I've been trying to switch out our old firewall which is a 5510 for our new 5520, but we keep running into this problem on both devices with almost the exact same configs. Currently I have the 5510 installed, and I cannot get our email server and RDP server to ping out to our internet gateway.
 
Attached is a sanitized config. From the config you can see the internal address of the email server is 11.2.1.29, external address is 73.13.198.211. RDP server is internal address 11.2.1.33, external 73.13.198.212. Our internet gateway is 73.13.198.209.
 
From another computer with a 11.2.1.X address I can ping out to the internet gateway. The other two devices drop (I believe) when they hit the firewall.
 
Static mappings (again from config):
static (inside,outside) 73.13.198.211 11.2.1.33 netmask 255.255.255.255
static (inside,outside) 73.13.198.212 11.2.1.29 netmask 255.255.255.255
 
Original access list:
access-list outside_access_in extended permit tcp 64.19.0.0 255.255.240.0 host 73.13.198.212 eq smtp
access-list outside_access_in extended permit tcp host 67.228.177.117 host

[Code]....

View 6 Replies View Related

Cisco Firewall :: ASA 5510 - Get Email When Network Is Down

Jul 24, 2011

I am not sure if this can be done in asa 5510.  Is there any way we can configure that when our public ip goes down i get an email?

View 2 Replies View Related

Cisco Firewall :: ASA 5510 - Email Logging VPN Traffic

Feb 29, 2012

I use ASA 5510 and I would like to log VPN traffic ( for example, as soon as a remote user try to connect to the asa). I would like this log be send to a specific mail address. I already configure Email Logging for severity  ( level 3) and it works well.
 
How I can add the VPN traffic Log ?

View 4 Replies View Related

Cisco Firewall :: ASA 5510 Email And Terminal Server Going Out

Mar 5, 2011

I am having two issues:
 
1. my email going out is working along with internal, but inbound email is not working. My barracuda email filter is 192.168.1.107 and my exchange 2007 is 192.168.1.222 along with this OWA does not work.
 
2. Terminal Services does not work when I try from the home pc in I get server not available or disconnected

Below is my congig

ASA Version 8.3(1)!hostname wsigatewaydomain-name wsystems.comenable password yVSkMxWRc/S396FB encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface Ethernet0/0 nameif outside security-level 0 ip address 64.XXX.XXX.XXX 255.XXX.XXX.XXXinterface Ethernet0/1 nameif inside security-level 100 ip address 192.168.1.1 255.255.0.0!interface Ethernet0/2 shutdown no nameif no security-level no ip address!interface Ethernet0/3 [Code]....

View 2 Replies View Related

Cisco Firewall :: Can't Send Or Receive Email From Exchange Behind ASA 5510 With CSC

Jan 17, 2012

We are upgrading from a Pix 515e to a ASA 5510 with CSC SSM.  We cannot send outbound email or receive any email from the outside world. I have placed a call with Cisco Support with no luck. [code]

View 1 Replies View Related

Cisco Firewall :: ASA 5510 - Send Only Alarm Of Attack By Email

Apr 12, 2011

I have a Cisco asa 5510. I am doing attack a my firewall, using n map. I am seeing in the log the attack but i like that firewall send only alarm of attack by email . I have active email with warning and i received very much email.
 
I observed that graph show attack, but not ip of attacker, is possible that Cisco asa show the ip too ? The log show scanning with n map but not shunning IP and not send alarm. How i can send alarm ? The graph no show ip, it's possible show it.

View 10 Replies View Related

Cisco Firewall :: ASA 5510 - Unable To Receive Email From Outside Network

Mar 26, 2013

I am in the process of switching firewalls. Currently I have a Sonic Firewall inplace.  I have been tasked to switch the firewall out with a cisco asa firewall 5510.  The sonic firewall currently allows email traffic, web traffic, and dns traffic.  When I use the current config below on the asa I am unable to receive email from the outside network.  I can send and browse websites but I cannot receive email. 
 
ASA Version 9.1(1)
! hostname ciscoasa
enable password kdkfdjdjflkadjdsfj

[Code]......

View 3 Replies View Related

Cisco Firewall :: ASA 5510 - ISP Backup Setup

Apr 5, 2011

I would like to setup backup ISP in our ASA5510.   Right now the the firewall has for default gateway following command:
 
"route outside 0.0.0.0 0.0.0.0 114.324.321.33 1"  i am changing this to route outside 0.0.0.0 0.0.0.0 114.324.321.33 10 track 1  ...so i can setup sla monitoring. As soon as i do the above command and remove the original "route outside 0.0.0.0 0.0.0.0 114.324.321.33 1" from asa then internet connection drops. Right now asa interface Ethernet0/0 has main isp configured and configuring  interface Ethernet0/3 as backup. interface Ethernet0/3 name if backup security-level 0 ip address 114.324.321.34 255.255.255.252 no shut global (backup) 1 interface.
 
route outside 0.0.0.0 0.0.0.0 114.324.321.33 10 track 1 ( Right now in firewall i have" route outside 0.0.0.0 0.0.0.0 114.324.321.33 1 " ) route backup 0.0.0.0 0.0.0.0  115.283.212.23 20 track 2
 
track 1 rtr 1 reach ability
track 2 rtr 2 reach ability

sla monitor 1type echo protocol ipIcmpEcho 114.324.321.33 interface outside sla monitor schedule 1 life forever start-time now sla monitor 2type echo protocol ip Icmp Echo 115.283.212.23 interface backup sla monitor schedule 2 life forever start-time now. Also our firewall has site to site vpn and 1 main ip configured for exchange and remote access. 

View 4 Replies View Related

Cisco Firewall :: Backup ASA-5510 From A Server Via TFTP?

May 29, 2012

ow to backup Cisco ASA-5510 from a Linux server via TFTP?I do know how to backup a switch or a router. Basically creating an access list such as:
 
access-list 55 remark PERMIT hosts requesting TFTP access
access-list 55 permit host 172.16.0.27
 
and allowing access to
 
tftp-server nvram:startup-config 55
 
all this inside the router or the switch. From the Linux box just running a simple command such as:
 
tftp 172.16.0.3 -c get startup-config newbackup.conf
 
where 172.16.0.3 is the IP address of the switch and newbackup.conf is the name of the config file stored on the Linux machine.So, how do I do that with an ASA box? how to backup ASA from inside it.

View 1 Replies View Related

Cisco Firewall :: Internet Doesn't Work On ASA 5510 For Backup ISP

Feb 15, 2012

I have a ASA 5510. I setup basic configuration to test internet with 2 ISPs. My first line works with out any problem. But my second line doesn't work. Even when i wipe the configuration, and setup only my second isp. Internet doesn't work. Can you tell me if there is anything wrong with this config?
 
CaaaA01#  sh run
: Saved
:
ASA Version 8.3(1)
!
hostname CaaaA01
domain-name example.com

[code].....

View 2 Replies View Related

Cisco Firewall :: Backup ASA 5510 Multiple Context Mode

Oct 19, 2011

I am running a ASA 5510 in multiple context mode. IOS 6.4(2), ASDM 6.4(5)106.
 
In older ios/asdm versions it was possible to backup the configuration using ASDM.

In 6.4(5)106 i am missing this feature (see attachment)
 
Is it possible to backup a multiple context firewall using ASDM and above mentioned software versions?

View 3 Replies View Related

Cisco VPN :: 5520 Feature That Allow To Have Backup VPN Tunnel On At Secondary ISP

Oct 8, 2011

My question is very simple is there any way or feature that could allow us to have a backup VPN tunnel on at the secondary ISP at the asa 5520? Lets assume if the primary isp goes down is there any way for  the VPN tunnel come online at the backup isp ? [code]

View 2 Replies View Related

Cisco Firewall :: FWSM 4.0 Email Server Cannot Connect To Email Gateway

Aug 8, 2012

I have a question about NAT behavior on FWSM 4.0. The problem is email server (Company A) cannot connect to email gateway (Company B) on the outside network and it randomly happen. I got this error from server guy "Detail: xlate has blocked the connection between A’s mail gateway and B’s mail gateway". It work fine again after clear xlate on firewall. [code]
 
1. How FWSM create xlate table like that? I mean it look like NAT0 for 158.137.21.26 but it doesn't has any nat rule for 158.137.21.26 on firewall.
 
2. What does it mean "connections 24" at the first of line? In the normal time, I only see the connections is 0 like the second line of xlate
 
3. After clear xlate global 158.137.21.26, the first line of xlate table is gone then email server can connect each other. Does is a bug on FWSM? or This is a normal NAT behavior of FWSM.

View 1 Replies View Related

Home Network :: Which Computers Is Running Skype Application That Will Answer Incoming Call

Feb 15, 2013

I have a standard ADSL modem which connects to the internet. On the inside I have a few computers within my LAN.when the modem receives an incoming request from the internet for a connection to one of my LAN computers e.g. a Skype incoming call, how does the modem know which port to forward that traffic to on my internal LAN? i.e. how does the modem know which of my computers is running the skype application that will answer the incoming call? I know port forwarding normally handles this sort of thing, but in my case, I am not using any configured port forwarding rules so how does the modem know where to forward skype traffic?

View 2 Replies View Related

Cisco Firewall :: 5510 / How To Ssh Directly From Home PC

Dec 3, 2012

We have a Cisco Firewall 5510.When I VPN into the network, I have to rdp to a windows desktop in order to SSH into my linux boxes.how to ssh ditrectly from home PC.

View 3 Replies View Related

Cisco Firewall :: PIX 515E 6.3.3 - DMZ Creation Doubts

Jul 26, 2011

I need to create a DMZ zone in my network. One server need to be put in DMZ. I have a PIX 515E 6.3.3. It has free port to create DMZ.

1) Put a new switch for DMZ zone
2) Connect it to the DMZ port
3) Create a NAT for inside to DMZ with same IP as inside
4) Create ACL for permiting traffic to DMZ and apply it to outside interface
5) Create ACl for permitting traffic from DMZ to inside
6) Routing for DMZ in PIX

View 3 Replies View Related

New Smart Home Theater But Weak Wifi Signal

Nov 14, 2012

I am researching power adapters versus range extenders to bring the best signal to a new home theater so I can stream Netflix. I don't do much else (gaming etc...) and am not a tech person. I just want to enjoy movies in an area of my house that gets little or no signal. Didi I waste my money buying smart? Can I still do an ethernet connection off the power adapter? Should I put another router there instead--- off the adapter- so I can use the theaters wifi?

View 1 Replies View Related

Cisco Firewall :: ASA 8.4 Transparent Mode Creation Of Sub Interfaces

Jul 30, 2012

On the ASA running  the 8.4.4.1 code in transparent mode. Can I create sub interfaces in different vlans and attach them to different BVI groups?
 
switch---trunk---ASA---Trunk---switch
 
Gig0/1.1 vlan 100 bridge-gr1          Gig0/2.1 vlan 101 bridge-gr1
Gig0/1.2 vlan 200 bridge-gr2          Gig0/2.2 vlan 201 bridge-gr2

View 6 Replies View Related

Cisco VPN :: 5550 - Smart Tunnel Link On User Home Page?

Apr 25, 2011

Two part question:  First is there a way to create a smart tunnel link on a user's home page like you have on the main portal page of the ASA 5550?  I see the code that it is using but have not been able to get this to work.  Here is that code;
 
<a href="javascript: parent.doURL('756767633A2F2F70676B636562712E7070757A702E6265742F50766765766B2F4B72614E63632F6E6867752F79627476612E6E66636B',[{name : 'user', value : 'CSCO_WEBVPN_USERNAME'},{name : 'password', value :

[Code]....

Second question when will MACs be able to auto start smart tunnel when the user first logs into WebVPN?  Right now the only way I know of starting a smart tunnel on a MAC is a link on the main portal page. I am running code 8.3.2.13

View 5 Replies View Related

Cisco Firewall :: ASA5520 Port Map Translation Creation Failed

Jan 27, 2013

After adding a NAT rule on Friday morning, I'm now getting a bunch of "portmap translation creation failed" messages from my ASA5520.  (It's currently running 8.4(3).)  The failure errors appear to have nothing to do with the change that was made.  [code] I have very similar rules in place for other vendors to access other machines.  The only difference between this new one and those old ones is the use of the objects in the rule instead of the direct IP addresses.  This is also the first one that invovles a range instead of a specific address or network. [code]

View 4 Replies View Related

Cisco Firewall :: Cat 4500 Translation Creation Failed Message

Aug 1, 2012

Two Vlans (ID1 and 100)are on a Cat 4500, which connects to an ASA, interface DMZ. On 4500, there is default route point to the ASA DMZ interface Issue, server on vlan 100 cannot ping a server on Vlan 1, vice verse. When I enable the realtime log, it gives me a “Translation creation failed” message, please see the attached files.

View 1 Replies View Related

Cisco Firewall :: DNS ASA5510 - Portmap Translation Creation Failed For Udp

May 22, 2012

See the error below on my ASA5510.
 
305006 200.200.0.34 53 portmap translation creation failed for udp src inside:192.168.1.4/1047 dst outside:200.200.0.34/53
 
The first two computers work normally( IP 2 and 3) , but the third computer gets ip does not work on the Internet.

View 2 Replies View Related

Linksys Wireless Router :: Ea6500 - Can't Login Into Smart Wifi Outside Home

Nov 20, 2012

Do I need to portforward a port for logging into my Linksys EA6500 smart wifi router from outside home? I can only login when I'm om LAN or wifi..Another question: Can I only login to the same router using an app? Isn't there a way to login via browser?

View 9 Replies View Related

Cisco Firewall :: ASA 5505 - Regular Translation Creation Failed For Protocol 47 SRC

Oct 10, 2011

We have a PIX with 3 interfaces. Inside, Outside,DMZ.
 
On my DMZ we have some clients that come in and remotely connect back to there office via MSPPTP. I setup the ASA with this to get rid of the error message: regular translation creation failed for protocol 47 src
   
policy-map global-policy
inspection_default
inspect pptp
 
Now when the dmz client tries to connect back to there PPTP server I get the following error.
 
172.31.10.204 0 24.172.85.162 37624 Teardown dynamic GRE translation from dmz:172.31.10.204/0 to outside:24.172.85.162/37624 duration 0:01:30
172.31.10.204 1069 173.188.74.155 1723 Deny TCP (no connection) from 172.31.10.204/1069 to 173.188.74.155/1723 flags PSH ACK  on interface dmz
172.31.10.204  173.188.74.155 63767 Teardown GRE connection 8393958 from dmz:172.31.10.204 to outside:173.188.74.155/63767 duration 0:01:08 bytes [ code]...

View 7 Replies View Related

Cisco Firewall :: ASA 5540 - Portmap Translation Creation Failed For Tcp Src Inside

Mar 24, 2013

We have an ASA 5540 with 8.2(5)
 
Last three days in early afternoon we start getting these errors in the log and webpages either won't load or pages only half load.
 
3|Mar 22 2013|13:22:24|305006|184.73.105.115|443|||portmap translation creation failed for tcp src inside:10.10.176.114/58217 dst outside:184.73.105.115/443
3|Mar 22 2013|13:22:24|305006|54.243.129.71|80|||portmap translation creation failed for tcp src inside:10.35.54.37/1517 dst outside:54.243.129.71/80

[Code].....

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved