Cisco Switching/Routing :: ASA 5505 / How To Enable Access To Local LAN
Jan 19, 2012
i have configuration my network infrastructure with the asa5505 like on image. i want that my users from lan 10.13.10.0/24 can to access to my LAN 192.168.0.0/24. can i use just routing or i must to use site to site VPN. how can i do it? how configure my asa 5505.on my LAN1 there's DHCP. From LAN side of my asa5505 i must disable DHCP.In my LAN1 i have DNS,Domain Controller. The users from my LAN3 need to access to LAN1 because of authentication and access to resources and programs. i attached my picture with configurtion.
View 2 Replies
ADVERTISEMENT
Apr 28, 2012
My laptop has windows 7 , its connected to the internet wireless , now , i want transfer files from my desktop to the laptop so i cannect them with an ethernet cable.. now how i can make that happen , my desktop has window xp
View 1 Replies
View Related
Feb 27, 2011
I am trying to enable access to use RealVNC on our Cisco ASA 5505 without using VPN. RealVNC uses port 5900. Users should be able to vnc to 99.23.119.78 and reach our internal server 192.168.1.4. So far they are receiving connection refused.
View 5 Replies
View Related
Oct 18, 2011
i have a problem with my asa 5505 Remote VPN Connection with local network access , the VPn is working fine and connected , but the problem is i can't reach my inside network connection of 192.168.30.x , here is my configuration
ASA Version 8.2(1)
!
!
interface Vlan1
[Code].....
View 13 Replies
View Related
Jun 10, 2012
I need configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.I have attempted to configure rdp access but it does not seem to be working for me. How to modify my current configuration to allow this? I need to allow the following IP addresses to have RDP access to my server: [code] The other server shows up as 99.89.69.334 but is working fine.
I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. My configuration file and what are the commands i need in order to put this through. Also, if there are any bad/conflicting entries. Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course.Also the bolded lines are the modifications I made but that arent working. [code]
View 8 Replies
View Related
Oct 4, 2012
I am configuring remote access vpn on ASA5505.Everything is working fine so far, except when the client got connected, it still used the local DNS server provided by the ISP. How do I force the client to use the DNS server configured on ASA?
View 7 Replies
View Related
May 4, 2013
I have a Cisco ASA 5505 in my home office which has a few PCs behind it with a linux web server running some websites. I can access the websites from outside no problem (i.e. on my iPhone using a 3G connection). However, I struggle to access the websites from within the network. The ASA gives me this error: [code]
View 3 Replies
View Related
Dec 22, 2012
I have set up a scenario for a small business and have some questions about how to manage the access between the VLANs. Is there is a better / another way to do it. See the attached picture for the topology / info.
My question is:
My switches is set up with x numbers of VLANs and a routed port (no switch port) to the ASA for internet connectivity. How is the best (or only??) way to manage the access between the VLANs? Is it ACL's on the switch?
And by "managing access" I mean VLAN 50 (public WiFi) only have access to the internet, only management servers have access to management VLAN, Client VLAN only have RDP access to server VLAN and so on. Is there any way to do this in the ASA (or add another (gigabit) router to the topology)) or it the only way to have lots of ACL's on the switch itself? I have thought about "router on a stick", but then I imagine there will be a bottleneck between the switch and the ASA?
(Equipment is 2 x 3650G, ASA5505, AP1252 - see attached file).
View 3 Replies
View Related
Feb 7, 2013
We have an ASA configured to access the internet, which works fine for clients who have an IP address assigned by DHCP, but not for clients with manually assigned IPs.
For instance, with the DHCP server configured to give IP addresses between 172.16.101.1 and 172.16.101.10, a device may get the IP address 172.16.101.1. This machine will have connectivity to the internet.
If we then configure DHCPd server range as 172.16.101.2 to 172.16.101.10 and statically assign the 172.16.101.1 IP to the client, it will not have internet access. It will, however have inside access and VPN access.
If I try to ping 8.8.8.8, the following is logged:
ASA 3 Feb 08 2013 15:51:01 8.8.8.8 xxx.xxx.xxx.100 Deny inbound icmp src outside:8.8.8.8 dst servers:xxx.xxx.xxx.100 (type 0, code 0)
Where 'servers' is the name of the inside interface the request is made from and 'xxx.xxx.xxx.100' is the external IP. It seems as DNAT is not working when the client IP is static assigned.
View 5 Replies
View Related
Sep 6, 2012
Just installed ASA -5505 replaced cisco 851
My exchange server hosts remote outlook clients and remote web access
no one on the remote side can access my exchange server
internal mail flows in bound and out bound.
My iphone can not access the exchange server either.
When the Cisco 851 was online all the above worked great. Nothing changed on the remote client side just put the ASA 5505 in service.
I am new to the ASSA 5505 family. Had a reseller configure the router but unable to get them at this hour. Called Cisco support but they are closed at this time also.
View 5 Replies
View Related
Mar 27, 2012
I have purchased these two switches from ebay as a test lab, I plan to connect them up via a gigastack modulecable and enable ip routing on the c3550 and vlans to talk to each other.
I'm very much a procurve person and really need to get into the cisco switching.I will want to trunklacp between the switches - whats the process is setting that up on cisco switches?
View 1 Replies
View Related
Mar 23, 2013
I need to enable multicast routing on 2960s but the command "ip multicast-routing" isn't available on my release (12.2.(55)).
From which release this command is available?
View 1 Replies
View Related
Apr 3, 2013
Have a 3750X running at the moment and has about 30 vlans all connected and just use the ip route global config command to enable routing. Plan is to switch out to the 4503E, with IPBase license. When ever I issue the same command, and do a show run its not there. I get no error when I issue the command either. And yes I have rebooted. Do I need to use RIP or OSPF routing? When I do a show ip route the screen looks the same with all the codes, though gateway of last resort isn't set even though I do have ip route 0.0.0.0 0.0.0.0 a.b.c.d in the config. Or is ip routing just enabled by default?
View 6 Replies
View Related
Apr 19, 2013
I have been trying to enable L3 intervlan routing on C2960S Switch with ip routing command and that was the output from the Switch: [code]
View 6 Replies
View Related
Feb 14, 2012
How do I enable SSH on 4507. I do not see "ip ssh ..." commands config#ip ssh (I do not see "ip ssh " commnd)
Do i need to enable something else?
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.02.00.SG RELEASE SOFTWARE (fc4)
View 1 Replies
View Related
Jun 14, 2011
I am trying to enable policy based routing on a new 3560x switch.The device has the following code c3560e-universalk9-mz.122-55.SE1.bin and the IPSERVICES license
I can create the route map in global config mode but when I try to enable pbr under the required interface the commands are not there.therefore I am typing ip policy route-map "name" the word policy does not show up in the interface config mode. I have also change the sdm profile to routing this has not made a difference.
[code]...
View 13 Replies
View Related
Jan 17, 2012
see the attached diagram to explain the network. I'm trying to do a "port-to-port" layer 2 connection on an ASR that will bi-directionally bridge a physical interface to a sub-interface. I tried using " connect VLAN200 Gig0/1/0 Gig0/0/3.200 interworking ethernet " but I'm not getting traffic through the connection.
I don't think BDI will work because it requires a Layer 3 point. I have to make this Layer 2 switching.
View 5 Replies
View Related
Mar 17, 2013
I have a 370 with C3KX-NM-10G module & i want to enable NetFlow on it did the specified configs
Step 1 Flexible NetFlow Flow Recordsflow record miketestmatch datalink source-vlan-idmatch datalink dot1q prioritymatch datalink mac source-addressmatch datalink mac destination-addressmatch ipv4 versionmatch ipv4 tosmatch ipv4 ttlmatch ipv4 protocolmatch ipv4 source addressmatch ipv4 destination addressmatch transport source-portmatch transport destination-portmatch interface input physical snmpcollect interface output snmpcollect counter flowscollect counter bytescollect counter packetscollect timestamp sys-uptime firstcollect timestamp sys-uptime last flow record miketestegressmatch datalink destination-vlan-id match datalink dot1q priority match datalink mac source-address match datalink mac destination-address match ipv4 version match ipv4 tos match ipv4 ttl match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match interface output physical snmp collect interface input snmp collect counter flows collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last Step 2 Flexible NetFlow Flow ExporterFlow exporter export-to-samplicatorDestination 10.1.1.8source Vlan1Transport udp 2055option interface-table timeout 60 Step 3 Flexible NetFlow Flow Monitors# Tie the Flow Monitor to the Flow Recordflow monitor mikektestrecord miketestexporter export-to-samplicatorcache timeout active 60flow monitor mikektestegressrecord miketestegressexporter export-to-samplicatorcache timeout active 60
& Applied it to g1/1/1 but without any luck , if netflow works on the
TenGigabitEthernet1/1/1 &
TenGigabitEthernet1/1/2
Only i have four switches stacked and nothing plugged to the
C3KX-NM-10G module
View 1 Replies
View Related
Mar 18, 2012
I use IOS Software, ME360x Software (ME360x-UNIVERSALK9-M), Version 12.2(52)EY2. I not found the command "ipv6" on global and interface configuration.
View 2 Replies
View Related
Nov 7, 2011
I am trying to configure a 3750 48 port switch and having trouble with getting it to see the sfp. I just want to set up the router with a pretty basic set up since I am using it for a ping test between 2 buildings, via fiber. How I can enable the sfp port?
View 3 Replies
View Related
May 8, 2013
I have 4506 with below sup, my requirement is to enable netfolw , but as i came to know that it is not supported in this sup, is there any additional option which can be explored to get the netflow working without replacing sup.
Card Type Model
-------------------------------------------------------------+-----------------------
Sup 6-E 10GE (X2), 1000BaseX (SFP) WS-X45-SUP6-E
View 4 Replies
View Related
Oct 26, 2009
i am having 2950 switch. Now i login through telnet but as per the company standard i have to login through ssh. Is there any possible to enable the SSH in 2950. Any IOS supporting this operation.
flash:/c2950-i6q4l2-mz.121-19.EA1c.bin
View 8 Replies
View Related
Jan 14, 2012
On my 2650 Router it just has only Telnet password.It has no enable mode password set.After reboot it is goes to prompt mode BB.I am unable to go to enable mode .how can i go back to enable mode on this router?
View 13 Replies
View Related
Jun 7, 2012
I have a 2960G that I keep on the bench as a work switch. I assigned an IP address to it. The techs have had trouble imaging workstations using GHOST. Do any config changes need to be made to enable multicast to work? Everything is in VLAN1 at this point and the GHOST server is also the DHCP server.
View 1 Replies
View Related
Nov 3, 2011
To enable netflow export on ASR1001, do i need the firewall feaure license or not ?Docs are not really clear, NBAR requires FW license, but i am unsure about Netflow?
View 1 Replies
View Related
Feb 11, 2013
How do i enable InterVLAN MultiCasting. I have a WS-C3560G-24TS as my core switch and it does InterVLAN Routing. I have a Server VLAN (70) and Workstation VLAN (71). I have a server that i have set up to deploy images to computers. Up to this point i have only done one computer at a time, so unicasting was ok. I would like to be able to Multicast to multiple computers, but am unsure what i need to do on the switch (if anything) to enable this.
View 2 Replies
View Related
Jan 30, 2013
We have 4507 distribution switch in our network.I am trying to enable ssh in those switches but seems that ssh command is not supporting. IOS version - cat4500e-universal.SPA.03.03.00.SG.151-1.SG.bin
View 1 Replies
View Related
Jan 6, 2013
I have been trying to get the http server enabled so I can access Cisco Network Assistant. I have my interfaces configured but for some reason the server in not running, port 80 is still closed. [code]
View 2 Replies
View Related
Oct 20, 2012
How to enable UPNP on CISCO routers - 36XX , How can I simualte UPNP connections.
View 2 Replies
View Related
Oct 27, 2010
I am planning to enable MAC address filtering (one port on 4510 & another 3560). I want to allow only that MAC address to communicate via that port with the rest of the network and internet.
4510 has PC connected and 3560 had polycom connected. [code]
View 5 Replies
View Related
Dec 26, 2011
I want to enable SNMP and track the status/ of the interfaces in switches.
We have Two- cat 3750 (L3 switch) and Nine-cat 2960 (L2)
How to configure the SNMP. any Links provides the required info with an example of configuring snmp will be really useful.
we have OPEN NMS, SPLUNK, MYSQL monitoring tools.
View 1 Replies
View Related
Sep 23, 2012
I have a hub and spoke WAN that conisits of one core location with with a 6500 and nine other buildings using 4006 Catalyst that conenct back to the core via dual gig fiber. We are using EIGRP at each location as well as the core. I was tesing something at one of our buildings decided to hang a 3750 off the 4006 and enable the same eigrp process on the 3750 that is enabled on the 4006 and 6500 (EIGRP 1).
1. All the routes that the 6500 knows about are advertised out to each of the nine locations.
2. The 4006's are all advertising thier directly conencted routes to the 6500.
Onto the location I was testing at:
The 4006 where I was testing at has four vlan interfaces enabled and they are in an UP/UP state. The ip routes from the 4006's directly conencted vlan interfaces propogate to the 6500 at our core location and the 6500 sucsefully propgates these learned routes to all the other 4006's.
This past Friday I configured a 3750x with two /22 vlan interfces and one physical gi port with an IP address and also configured on Ethernet port on the 4006 with an IP address in the same network block as the 3750x gi interface (a /30 netowrk block). I saw both interfaces come up and EIGRP sucesfully established a neighbor adjecency between the 3750x and the 4006.
I noticed that the 3750 advertised out all of it's directly conencted routes to the 4006 and the 4006 advertised it's directly conencted routes to the 3750. However, the 4006 did not advertise any of the routes it had learned from the 3750x to the 6500 and nor did the 4006 advertise any of the routes it had learned from the 6500 to the 4006. My suspicion is that the "eigrp stub connected summary" statement is enabled on both the 4006 and 3750 thus prevenintg them form advertising out any routes other than thier directly conencted routes. Can any of you verify that I'm either correct or inccorect about this?
here are the eigrp statemnets from the 6500 and 4006:
6500:
router eigrp 1
redistribute static
network 10.0.0.0
network 172.16.0.0
network 172.17.0.0(code)
View 2 Replies
View Related
Oct 31, 2012
My engineer onsite can't get into enable mode on his 2911 router. I've seen this before but I can't find out how I fixed it.
He gets an error saying : no password set
Here is the config:
Router#sh run
Building configuration...
Current configuration : 1784 bytes
!
[Code]....
View 3 Replies
View Related
