Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

another ASA question

Hi expert,

Grateful if the expert could advise on it.

11. If there is one DMZ, does the extra default route (item a) need to be configured for the DMZ?

a. route dmz 0.0.0.0 0.0.0.0 210.1.3.1 (for DMZ)

b. route outside 0.0.0.0 0.0.0.0 210.1.3.1 (for outbound traffic to Internet)

12 how do I defind the "CHK_attack" object if the command is configured as below?

ip audit interface inside CHK_attack

13. The decription from the command reference is obscure, grateful if you could advise on the "LOCAL". what user account to be auth?

dynamic-access-policy-record InControlPolicy

aaa authentication enable console LOCAL

14 if the enable password is not configured but the enable secret was confiured, what will happen if the command is configured as below?

aaa authentication http console

15. Following is the default policy to be configured from the cisco web site. What happen if those commands are removed? what is the different between command "ip audit interface outside CHK_attack"?

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

!

service-policy global_policy global

rdgs

2 REPLIES
Green

Re: another ASA question

"11. If there is one DMZ, does the extra default route (item a) need to be configured for the DMZ?

a. route dmz 0.0.0.0 0.0.0.0 210.1.3.1 (for DMZ)

b. route outside 0.0.0.0 0.0.0.0 210.1.3.1 (for outbound traffic to Internet) "

NO. 210.1.3.1 exists on the outside interface, not the DMZ.

Community Member

Re: another ASA question

Hi,

any idea regarding item 12 - 15 ?

rdgs

126
Views
0
Helpful
2
Replies
CreatePlease to create content