Questions tagged [cisco-asa]

The Cisco ASA (Adaptive Security Appliance) series of products provide Firewall and VPN functionality as standard. This is Cisco's replacement line for the PIX range, but has additional functionality, mostly related to security, through additional modules.

772 questions
3
votes
1 answer

Modifying ASA HTTP authentication page

The Cisco ASA has a feature where a blocked HTTP request can be redirected to a web page hosted on the ASA itself in order to allow the web user to authenticate himself to the ASA and unblock the request. This is configured with the aaa…
wfaulk
3
votes
1 answer

Microsoft NPS 2012 R2 - Can't perform authentication from Cisco ASA with PAP

I am trying to set up a Cisco ASA (version 9.1(7)6) to authenticate against a Microsoft Network Policy Server 2012 R2. The ASA is able to communicate with the NPS server, however the test aaa-server command returns AAA Failure. Checking the security…
Muh Fugen
3
votes
1 answer

ASA 5505: How do I access the DMZ web server from the inside using the public IP?

We are using a 5505 ASA Sec+ (8.2). There are three interfaces: inside (172.17.0.0/24), dmz (172.16.0.0/24) and outside (1.2.3.4 for the example). There are static NAT rules set up translating 1.2.3.4 to servers on the dmz (including 1.2.3.4:80 to…
Nils
3
votes
5 answers

Cisco ASA - manually start a VPN tunnel

Using a Cisco ASA, is it possible to manually bring up a LAN-to-LAN VPN tunnel & SA from the device, rather than having one of the systems that is part of the VPN initiate traffic to start the VPN? I'd like to avoid having to trigger a ping on one of…
DrStalker
3
votes
1 answer

Cisco ASA 5505 - L2TP over IPsec

I have followed this document on the Cisco site to set up the L2TP over IPsec connection. When I try to establish a VPN to ASA 5505 from my Windows XP, after I click on the "connect" button, the "Connecting ...." dialog box appears and after a while I get…
xraminx
3
votes
2 answers

High number connections coming from an IP

On our corporate network we're detecting workstations opening too many connections to the IP address 75.126.196.159 (port 3478) causing the Cisco ASA Firewall 5550 to detect a "SYN Attack" and reach its limit in terms of connections, causing a…
Andre
3
votes
2 answers

Static public IP issue on Cisco ASA 5512x

This is our scenario: We have a Cisco ASA 5512x and we have 2 different Internet connections from different ISPs connected to it. ISP A is being used for the users' browsing traffic (normal internet) while ISP B is used for site-to-site tunnels and…
StefanGrech
3
votes
1 answer

What are the repercussions of using an EOL Cisco firewall?

I'm looking at using an ASA 5520 for the database of an ecommerce site. According to End-of-Sale and End-of-Life Announcement for the Cisco ASA 5520 Adaptive Security Appliance, this product is currently in the middle of a series of end of life…
smartcaveman
3
votes
2 answers

Possible to use a console cable from a Cisco ASA and use it interactively with ESXi?

I'm creating procedures to deploy a Cisco ASA and an ESXi machine to remote locations where no local tech contacts are available. I think it may be a wise idea to connect the console cable from the ASA to the ESXi machine to assist in local & remote…
makerofthings7
3
votes
1 answer

Openswan Cisco ASA 9.1 -- cannot respond to IPsec SA request because no connection is known for

Ok, so I have a simple VPN IPSEC setup with a single Linux host that has a public IP address and a loopback interface of 172.16.255.1. On the right side I have a Cisco ASA 5505 9.1. The issue is the Cisco ASA says when debugging "PHASE 2 Completed"…
Jim
3
votes
1 answer

Can't access ASA website to download ASDM launcher

Hoping someone can give me a pointer on here. I recently took a new position and am currently trying to learn the new system. I'm having trouble getting to ASDM and have Googled plenty to no avail. I can access the ASA via Putty/SSH and see in the…
user95917
3
votes
1 answer

Cisco ASA - redirect a port on external interface to an internal server port

Using a Cisco ASA device with an external IP of 200.20.20.20 (interface OUTSIDE) and an internal subnet of 10.1.1.1/24 (interface INSIDE), how can I configure the ASA so that all traffic to a specific port on the external interface gets directed to…
DrStalker
3
votes
0 answers

How can I configure Cisco ASA 5510 to allow access to Web server in DMZ from LAN with port translation?

I am trying to configure a Cisco ASA 5510 firewall to allow access from the LAN to a DMZ web server. The web server is located in the DMZ and is using port 8080. I don't want users to type the port number every time they try to access the site. So it should forward…
Sean Kilb
3
votes
1 answer

ASA 5510 Site to Site VPN works in one direction

I have set up a site-to-site VPN connection between two Cisco ASA 5510s. One site (let's call it A) can see the private network of the other site (site B), but site B cannot see the private network of site A. The access lists and routes of both…
Feri
3
votes
2 answers

NTP client on CentOS 5 fails behind Cisco ASA firewall

I have a CentOS server on which I want to set up an NTP client to get accurate time for the server. The server is on a local subnet with NAT behind an ASA 5505 firewall, which acts as NAT router, and which in turn directly connects to the internet…
nepdev