Questions tagged [cisco-asa]
Cisco's Adaptive Security Appliance (ASA) which combines functionality from the PIX, VPN 3000 series and Intrusion Prevention Systems (IPS) product lines
667 questions
0 votes, 0 answers, 47 views
VPN from ASA to Azure fails
Reopened with configuration added.
I have an on-premises ASA that is a multi-context firewall, so VTI is not supported. (Even with the newest versions, I suppose.) So we are using policy-based VPNs.
Ref:
...
1 vote, 0 answers, 48 views
VPN between Azure Gateway and ASA is not working as expected [closed]
I have an on-premises ASA that is a multi-context firewall, so VTI is not supported. (Even with the newest versions, I suppose.) So we are using policy-based VPNs.
Ref:
https://www.cisco.com/c/en/us/td/docs/...
0 votes, 0 answers, 47 views
Network Socket Address format used in Cisco ASA syslogs
I'm getting syslog logs from CISCO ASA where the IP addresses are coming in what I would call a non-standard format: The IP with port is being logged as 'd.d.d.d/port' (e.g. '10.0.1.2/63313') so it ...
0 votes, 2 answers, 208 views
ASA - Redundancy ISP in Multiple contexts
At the moment I am interested in the fault tolerance of the route to providers in Cisco ASA in multiple contexts.
As I know, in one context you cannot track the route and change it, but the task is to ...
0 votes, 1 answer, 315 views
Cisco ASA L2TP/IPsec split-tunnel not working for public Internet
I'm testing a setup using ASA to provide VPN over L2TP/IPSec PSK to support native IPSec clients such as iOS, Android, MacOS, Windows, etc.
The issue I'm running into is that when connected, the split-...
0 votes, 1 answer, 517 views
ASDM 7.20 doesn't work with script that works with ASDM 7.13
I have a script I wrote for Linux that enables me to use ASDM with Oracle Java 8. One version I know for sure works is 7.13.1 on an ASA 5516, but when I try the same script with 7.20.1 on an FPR 2110 ...
0 votes, 2 answers, 690 views
arp permit-nonconnected Not Working
I have an ASA 5506-X version 9.8(2). The ASA has two interfaces: g1/1 (outside, ip: 209.165.0.2/30), and g1/3 (inside, ip: 209.165.0.5/30).
g1/1 is connected to a 881-W router (Router-A), whose ip is ...
1 vote, 0 answers, 120 views
Issue with Cisco ASA IPSec VPN clients can't access DMZ network
I have one ASA that is configured for IPSec VPN Cisco client. The VPN allows access to the inside network, but trying to get it to my DMZ is a problem. My VPN address pool is defined as 124.140.1.x /24. My ...
2 votes, 1 answer, 545 views
Does Cisco ASA support encrypted logging
Background
I am approaching this from a SIEM or Log Collection point of view. Our corporation is thinking about making encrypted logging mandatory
Question
Cisco ASA default appears to me to be send ...
0 votes, 1 answer, 738 views
Troubleshooting ipsec ikev2 site to site vpn
I assume, for peer IP we use, is the wan interface of the Cisco ASA and not the gateway of the ISP correct? Also, all routes should go to the same IP of the wan interface correct?
So we have two Cisco ...
0 votes, 1 answer, 118 views
Unable to configure Site to Site VPN between Cisco Router & Cisco ASA and permit SSH
I am performing configuration on Cisco ASA and Cisco Router from the packet tracer. I am attempting to allow the external network (172.16.22.100 255.255.255.0) to access the internal server which is ...
0 votes, 1 answer, 173 views
ASA 5555 loses internet connectivity every few days, problem resolves by re-enabling DHCP on wan interface
I'm having a weird problem with my ASA. Every few days the internet connectivity fails (f.e. cannot ping wan ip addresses from the ASA). Problem resolves by forcibly rebinding the DHCP by no ip ...
1 vote, 1 answer, 397 views
ASA5555-X vlans through port channel not working
I'm having a problem with my ASA when trying to pass vlans through port channel to a switch. The goal being here that all vlans that we have would go through a single port channel (4 1Gb links for load ...
0 votes, 1 answer, 199 views
ASA cannot get traffic to pass port forward
I'm not able to get port forwarding to work for some reason on my asa 5555-x.
I have tried the below config:
!
object network SERVER
host 192.168.1.20
!
object service SERVICE_TCP_9982
service tcp ...
0 votes, 0 answers, 104 views
2 Cisco ASA Firewalls - TCP SYN FLOOD
Problem
We have 2 firewalls, a DMZ firewall and another firewall named FW1 in a testlab. Both are CISCO ASAs. The shared services and jumphost are behind the FW1 firewall. The 172.28.208.0/24 subnets ...