We currently run dual ASA 5510's in A/S config on our main campus. We would like to create a VPN tunnel to a branch campus. Trying to decide between a 5505/5510/5512x, We would like to extend many of the capabilities of our network to the branch campus which will be 20-50 users on a 50mb/10mb internet connection.
Domain login System Center workstation management Cisco WCS Shoretel voip (Cisco NAC?)
Several different VLANs for wireless guest, student traffic, staff traffic, voip traffic, etc. Which device would be best and should we get the security plus license with it?
User want to create on 5 network , 100.x , 200.x , 210.x , 250.x , 220.x .at the ASA5510, no enough port for 5 network.So I want to create 4 vlans on eth 0/3. I can create vlan but i cannot run this command " switchport mode trunk" " "switchport trunk allowed vlan list" how can be done for that?
Actually i want to use like thisASA5510-----4 vlans on eth 0/3------switch----vlan200,vlan210,vlan250,vlan220.
Successfully creating a port-forward in ASA5510, ASA version 8.3(1) ASDM6.3(1)?I have spend hours now trying, but I'm still unsuccessful.What I want is a simple: "if this particular ip-adress hits the wan interface on this tcp-port redirect to this inside ip-address on this tcp-port.I have never had any trouble on any other firewall creating something like this, but the ASA is killing me.
I have recently upgraded my ASA 5510 to 8.3 code and honestly I am confused on the best and most efficient way to do many nat translations through it. I have a group of about 100 IP's that need http/https/and sqlnet allowed through for our web farm.
I have a text file with the real and translated IP addresses and in 8.2 I could simply modify it and dump the thing in and make the NAT rules and access-lists. Now with the new object based model I am having a hard time wrapping my brain around how to do this using as few lines of code as possible.
Do I have to create an network object for each and every IP i want to nat through?
Last time, i´ve implemented a Remote Access VPN to my network with ASA 5510 I´ve allowed to my VPN an acces to all my Internal LAn But i want to configure a group of vpn in the CLI for have different group of user which can access to different server or different network on my LAN.
Example : informatique group------access to 10.70.5.X Network Consultor group -------- access to 10.70.10.X Network
I need to know how can i do that , and if you can give me some eg script for complete this Here is my configuration :
ASA Version 8.0(2)!hostname ASA-Vidruldomain-name vidrul-ao.comenable password 8Ry2YjIyt7RRXU24 encryptednamesdns-guard!interface Ethernet0/0 nameif outside security-level 0 ip address X.X.X.X 255.255.255.X!interface Ethernet0/1 nameif inside security-level 100 ip address X.X.X.X 255.255.255.X!interface Ethernet0/2 shutdown no nameif no security-level no ip address!interface Ethernet0/3 shutdown no nameif no security-level no ip address!interface Management0/0 description Port_Device_Management nameif Management security-level 99 ip address X.X.X.X 255.255.255.X management-only!passwd 2KFQnbNIdI.2KYOU encryptedftp mode passivedns server-group DefaultDNS domain-name vidrul-ao.comaccess-list 100 extended
I am trying to setup intervlan routing with a Cisco ASA 5510 and two 2960-S switches. The 5510 currently is using ASA Version 7.0(2) and has a base license. I tried to create a sub interface today based on some info I found regarding the routing piece and it didn't recognize the command. I'm thinking I may need to update the IOS code or the license on the firewall. I know the syntax was correct because I looked it up and found it in a Cisco document.
I'd like to create dhcp server pool on ASA 5510. I was wondering how big is the DHCP scope that Cisco ASA 5510 can support? Are there any ASA models which can support up to subnet mask 22 for DHCP scope?
I would like to use a Cisco 1921 at my house and create a "Easy VPN Remote" connection to our ASA 5510 at work. Can I use the Easy VPN Client with the base license, or do I need the security license to take advantage of the VPN tunnel?
Our HQ office has an ASA 5510 with full access to internal and external IP's. We have a small group of remote users that are working from a shared office suite and they only have Internet access by way of internal default gateway. Using a VPN client is not desirable due to many other devices requiring access to HQ. Is there a way to create a site-to-site VPN from this remote office space back to HQ (ASA 5510) if they have no access to the public IP address on their end?
I need to create second VPN in same ASA5505, it has already a VPN to one of our clients. So it alredy have a transformset,cryptomap,policy.Now i need to create new one. i like to create a seperate transformset and crypto map for this 2nd VPN with a new name to identfy very easily.But i have doubt like may it will affect the current VPN? because it has another VPN with another tranformset and cryptomap.......
1) will it affect the current VPN?
2) do i need to create a seperate tranformset and cryptomap? or with same tranformset and cryptomap with different number.....if it possible to create multiple cryptomap then i would like that to create.....
I need to create a LAG consisting of 4 ports on my SG 300-20.
When I go to create the ports via Port Management - Link Aggregation - LAG Management - LAG1 - Edit and move ports 5,6,13,14 over as LAG Members - Click apply I get Port gi5 belongs to a VLAN. If I try to add them individually I get the same error, i.e. port gi6 belongs to a VLAN, port gi13 belongs to a VLAN, etc..
I'm baffled by a lot of new features of LMS4.2 and seem lost where to start looking.Our client needs to periodically make changes to switches to change their port settings.They have specific descriptions with a certain string. Let's say the description say "Cisco phone".The task is to create either template or ad-hoc Netconfig job that will send changes only to those switchports.
I have a weird problem. I can't create a vpn in windows xp. I click on create a new connection, the connection wizard opens up, I click "connect to the network at my workplace", and this happens mm31z.jpg at Free Image Hosting.I can't select VPN connection. I have no idea what is causing this, maybe a service is not running, I don't know. I tried uninstalling/ reinstalling my network and it did not work.
I want to create a VPN between two PC's, (the server "Data" and "Remote Desktop" check the topology below), the Router Clabeck (cisco 2811 ) is connected to the internet through int f0/0 using a PPPoE connection and connects all the LAN PC's by PAT to the internet (you can see all the configurations in the Show Run below), the "Remote Desktop" is any PC with internet connection.
F0/1 F0/0 DATA--------------------SW-------------------ROUTER(Cisco 2811)---------------------INTERNET---------------REMOTE DESKTOP 192.168.1.51 192.168.1.254 22.214.171.124 192.168.1.1 Current configuration : 2116 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec
We are about to move our IT rack to a data centre and will be adding a new Layer 3 (Catalyst 3560) switch beyond our ASA 5510 which will be providing our existing WAN plus another SVI which will be carrying our HSRP range.
I have never configured a switch to use two SVI's before and can't seem to find the relevant docs online.
I inherited a Ciscoworks installation, and would like to create a credential set for a certain class of device. However, after searching around the interface and documentation, I cannot find instructions on how to add a credential set with certain snmp, ssh, credentials. We use ACS authentication and authorization?
create a VPN dongle for my office users. I have Cisco ASA 5005 firewall. I want to give them remote access to our intranet but if the user doesn't have the dongle which has the certificate on it he/she can not connect to my office intranet.
i need to design a site-to-site VPN and VPN for remote users. I have attach a drawing, need to know if this is good setup. Mostly my concern is security. Im using ASA5520 for edge firewall and Linux firewalls are for additional security.I have to create 5 site-to-site VPN using IPSEC and 5 remote VPN clients. Site-to-site VPN are for trusted Office and remote VPN clients are only for our staff use.
From the diagram ASA5520 is configured as followed
outside interface is set to security 0 and connected to boder router to internet, inside interface is set to security 100 which is connected to a linux firewall which then goes to our internal lan.DMZ interface is set to security 50 which is connected to DMZ segment ,I decided to use the 4th interface for all VPNs which is set to security 100, and for this 4th interface i have created two sub interfaces vlan 400 (for site-tosite VPN) and vlan 500 (for remote access VPN). I did this because i have to use two separate linux firewall box. Linux firewall box for Site to Site VPN is configured with NAT but Linux firewall box for remote access VPN users are configured without NAT. I also want to know do i need to create a CA server or can i use pre-shared key with XAuth for remote access VPN users?
I am running windows 7 ultimate 32bit its been a long time that i've been trying to set a private server for call of duty 4 i've looked all over the web but no guide get my server online.i just read that i need to do something with ports etc(i dont even know what that is)