Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [cisco-asa]

The Cisco ASA (Adaptive Security Appliance) series of products provide Firewall and VPN functionality.

The Cisco ASA (Adaptive Security Appliance) series of products provide Firewall and VPN functionality as standard. This is Cisco's replacement line for the PIX range, but has additional functionality, mostly related to security, through additional modules.

772 questions
0
votes
0 answers

Site-to-Site VPN from Cisco ASA 5505 to Amazon VPC

I am trying to establish a VPN connection from our on-premises rack to our Amazon VPC. The router/firewall that we have is a Cisco ASA 5505 running software version 9.1(7)23. According to Amazon's documentation, the 5505 is tested to work…
Ithizar
  • 1
  • 2
0
votes
0 answers

ASA allow DNS service inside to be accessed from outside

I have a shared networking environment for tenants on our building, the ASA sits between a small business internet modem and each tenant's network. Gateway Modem Cisco ASA DNS Server 192.168.001.254 <---> 192.168.001.253 …
Revenant
  • 1
  • 2
0
votes
1 answer

Squid proxy between two firewalls, need iptables solution

At the company I work for we need to implement what I think it's called transparent proxy. How it's now: A(lower secured area)--Cisco ASA-----Cisco ASA----B(higher secured area) What we need: A(lower secured area)--Cisco…
Chris
  • 1
-1
votes
1 answer

Router work as IPsec client to Cisco ASA

Is it possible to configure mikrotik as IPsec vpn client to Cisco Asa? I have ASA connected with static IP to the internet and want to connect mikrotik router behind dynamic IP internet connection to the ASA and I think the most desired connection…
Mr.lock
  • 107
  • 3
-1
votes
1 answer

Changing existing NAT rule on Cisco ASA

This is the exact line I want to edit nat (inside,outside) source static thatplace thatplace destination static thisplace thisplace no-proxy-arp route-lookup All I want to do is enable proxy-arp. How can I do that?
gndlp
  • 129
  • 3
-1
votes
1 answer

Cisco ASA5505 - icmp deny any outside breaks internet - how to block outside pings?

We want to block any ICMP requests that are initiated to our network from the public internet. I ran icmp deny any outside, but when I do that, it takes down our internet - nobody can load web pages. Removing it by running no icmp deny any outside…
sa289
  • 1,318
  • 2
  • 18
  • 44
-1
votes
3 answers

Why can I not ping my host behind the firewall? Cisco asa 5505

Can anyone please help me to figure out, what in my configuration of the Cisco asa 5505 is wrong or missing? I have multiple host behind my firewall. These hosts run different websites on port 80. I can ping the server from one to another, but I am…
Banks
  • 9
  • 1
  • 2
-1
votes
1 answer

Find source(s) of dropped packages in Cisco ASA GUI

we are using pair of ASA 5520 Firewalls with ASDM 6.4. Can someone enlighten me, how to find out which is(are) the source or target ip(s) when we got a hugh bunch of dropped packages come in (by ASDM or CLI)? As of today, we had >100.000 dropped…
Jimmy Koerting
  • 151
  • 1
  • 8
-1
votes
2 answers

Why am I getting permission error from tftp server?

I'm trying to tftp an image to an ASA 5500 and I'm getting this error: TFTP failure: RX TFTP Error Packet TFTP OP Code: Error Packet Error Msg: Permission denied
AXE Labs
  • 1,549
  • 5
  • 19
  • 24
-1
votes
1 answer

ASA stops internet when connected to VPN - firmware 9.x

I'm having issues setting up Remote access VPN on Cisco ASA (firmware 9.1) i'm able to connect via the VPN and access all internal resources but i'm not able to access internet when connected to the VPN. I don't know split tunneling here is my…
Paul
  • 159
  • 1
  • 2
  • 12
-1
votes
1 answer

IPsec VPN Server behind Cisco ASA (Transparent mode)

I've a Cisco ASA 5510 with transparent mode, and I'm going to setup a IPsec VPN(Openswan) in a internal linux server(with Public IP). This server has 2 NIC, 1 public IP, and 1 internal IP. I've opened port 500 and 4500 in the Cisco firewall,…
user3114168
  • 121
  • 1
  • 1
  • 4
-1
votes
1 answer

Cisco ASA 5505: Created a faulty NAT rule. Can't reach the ASA

I was trying to create a NAT rule to reach my internal web server from inside the LAN. Something must have gone wrong. Now when i try to reach the ASA through https://192.168.1.1 the response is from the web server (192.168.1.5), so I can't reach…
supremo
  • 11
  • 4
-1
votes
1 answer

New Fiber Installation Resulting in Slow Download Speeds

TWC 80Mbps Cisco ASA 5510 (MTU 1500) Download speeds on my Windows and Mac machines are ~200KB/sec. If I use a download manager that opens 20 concurrent connections I can hit the full 8MB/sec. I thought okay maybe it's a problem with a switch or…
Michael
  • 506
  • 2
  • 8
  • 19
-1
votes
1 answer

Cisco ASA Determine static NAT programmatically?

Is it possible to determine the static nats on an ASA 5550 or 5540 running 8.2(x) programmatically? I don't see it as an available SNMP oid but perhaps I am missing it.
Starsky
  • 103
  • 1
  • 8
-1
votes
1 answer

cisco asa + action drop issue

Have created a tunnel between 10.x.y.z network and 122.a.b.c ..the tunnel is up and active, but when I try the packet tracer output ..I get the ACTION as drop. I have also enabled same-security-traffic permit intra-interface. Can someone help me…
ghp
  • 1
  • 1
  • 3
1 2 3
51
52