The RPC will be denied by smart defense as it will think this is an attack, the RPC can be switched off or re-configured to a higher threshold in the smart defense dashboard, or simply add a rule to the FW allowing 135 DCE RPC to and from the required IPs, don't forget to amend, remove any...
Hi,
Yes, what you wish to do is possible, but the easiest way would be to just use VRRP and set up a PC as your management station, NOKIA clustering can cause a few issues.
WGM
Hi,
Think you need an ACL something like this, only with your required IPs and ports:
access-list outside_1_cryptomap extended permit ip 192.168.27.48 255.255.255.240 10.0.1.0 255.255.255.0
cheers,
WGM
Hi,
When I went to school http was a tcp connection and hence if established from the trusted LAN and http was allowed from said trusted LAN, a download as you say, cannot be blocked, if you are allowing raw http from the trusted LAN, can you please be more specific in your question, is it...
OK here is the error message, but the cisco error decoder doesn't like it,
Config
nat (inside) 1 10.0.0.0 255.0.0.0
match ip inside 10.0.0.0 255.0.0.0 inside any
dynamic translation to pool 1 (No matching global)
translate_hits = 2, untranslate_hits = 0
so what is the global statement that...
brianinms first thing I checked they all point back to the 3600 interface that's on the LAN, it's to do with the ACLs and the NAT statements, will put the errors into the cisco tool and get it from that, just thought someone on here might have spotted the error in the config.
thanks for you...
they all connect into a cisco 3600 which then points them to the asa, I'm looking at changing this at the minute which would no doubt solve the problem, but was just wondering what experienced cisco users made of the config and why it is not passing the traffic, as when I replace the asa with the...
Hi
Thanks for the reply, but could you expand a bit on it, the 192 address is the management ip and I can get to it no problem, the problem lies with the remote sites that are connected via a cisco router getting to the corporate 10.0.1.0 /24 network, the remote sites are all 10.0.2, 10.0.3...
Hi,
Just been given this network to look after and it has an ASA 5500, which I'm brand new to and the problem is that traffic can't seem to get past the device when it is all on the trusted side.
We have 12 networks connected via a cisco router, and the asa on the corporate LAN which all the...
do you see any dropped packets on tracker?
do you have anti spoofing defined on the interfaces, if so have you included all the relevant networks?
do you have route statements for the DMZ subnet with the gateway as the DMZ interface?
do you have oob access to the FW or is the access inband, if you have oob access then you will be able to access the FW fine by either the voyager or CLI.
think you need to review basic networks and TCP/IP, your ISP has given you a /30 subnet this has 2 usable hosts with a network and broadcast address, a broadcast address is integral to a network, no matter what size, working correctly. there is a way of using the broadcast address but it is not...
what was the last change you made to the FW, are you the only person with access to the FW?
try a fw unloadlocal, then you should be able to access the FW via the GUI check the rules make sure the stealth rule is not above any management access rule then push the policy and see what happens.
Take it you have a management server with central licensing? if so you just build the box as normal, choose distributed on the type of deployment, do the SIC seed.
then from the management server re-establish SIC then push the policy.
hth
WGM