February 14, 2011 10:35 PM
Posted by: Jason Tramer
8.4,
ASAHere is some of the new stuff that is in it:
http://itdualism.wordpress.com/2011/02/04/asa-8-4-first-look/
I am planning on testing it myself shortly and then doing a better review. Hopefully they changed NATing back from the god awful way they do it in 8.3 to the more awesome way it is done...
January 26, 2011 9:12 PM
Posted by: Jason Tramer
ASA,
DNS,
manipulating,
NAT,
queries,
query,
re-writinghttp://www.techrepublic.com/blog/networking/cisco-asa-and-dns-pain-is-there-a-doctor-in-the-house/1140
This article was a god send for me. I was trouble shooting this issue for a while. In my case I had an internal device on a private vlan that needed to resolve the public address of another...
January 22, 2011 2:27 PM
Posted by: Jason Tramer
ASA,
Cisco,
intra site routing,
routing,
routing within a networkWell it has been a long time, but I am back! Sadly elements in my personal life have kept me focused on other matters for the last 8 months or so and I apologize for that but I am ready and eager to return.
For my first issue I want to talk about is with Cisco ASA's and concerns how to set up a...
June 3, 2010 7:48 PM
Posted by: Jason Tramer
443,
5505,
ASA,
HTTPS,
NAT,
unable to reserve port 443 for static PATJust got this error when configuring an ASA, took me a bit to figure out what the issue was.
When trying to create a static NAT rule with port 443 you get the error:
unable to reserve port 443 for static PAT
The issue was that under Management access, ASDM access was granted on the...
December 30, 2009 2:54 PM
Posted by: Jason Tramer
access,
ASA,
ASDM,
CLI,
interface,
Management,
site to site,
VPNOk, so you want to manage your ASA from a network connected via site to site VPN tunnel. No prob. Two easy steps makes this happens.
First you have to add the network as an allowed access via the inside network. (I will use the 192.168.1.0/24 network in my example)
From CLI it's:
http...
December 16, 2009 2:17 PM
Posted by: Jason Tramer
address,
arp,
ASA,
Cisco,
interface,
IP,
route,
secondary,
staticUnlike in a Cisco router where you can used the secondary command to add a secondary address to an interface, the Cisco ASA does not support this. Here is a workaround however.
1. First find out the mac address of the ethernet interface you will be using:
sh interface Ethernet0/1
This should...
December 3, 2009 3:41 PM
Posted by: Jason Tramer
active,
Add new tag,
ASA,
ASDM,
Cisco,
CLI,
HA,
High Availability,
standby,
wizardOk so you can easily do this from within the ASDM using the HA wizard, however I recently tried this and had issues with the wizard not working for me. So here is how you do it from the cli:
Primary:
failover
failover lan unit primary
failover lan interface failover Ethernet X
failover key...
November 30, 2009 4:09 PM
Posted by: Jason Tramer
ASA,
Cisco,
VPN,
WatchGuardI have been working with a client with multiple sites and up until recently they have been using Watchguards at all sites. Recently we have been switching out some of the Watchguard for Cisco ASA's but there have been a ton of site to site VPN issues. For example, a tunnel goes down, so you re-key...
November 26, 2009 10:40 PM
Posted by: Jason Tramer
ASA,
CHAP,
Cisco,
Ipsec,
L2TP,
LDAP,
PAP,
PPTP,
RA,
Remote Access,
ssl,
VPNSo I configured my ASA to provide L2TP remote access VPN. I originally set it up with a local user database and it worked fine. After I decided to tie it in to LDAP so I could authenticate against Active Directory. I set up my LDAp integration and used the built-in test tool to make sure it worked,...