
ASA 5512-X numerous issues

Hello,

We have recently implemented a new Cisco ASA 5512-X firewall, replacing an old Cisco ASA 5505 firewall.

We have a number of issues which we are encountering and have so far been unable to rectify. The config was copied visually across to the new firewall from the old so the majority of the config matches the old firewall. I have attached the config.

1. VOIP phones not connecting to NTP at uk.pool.ntp.org - Our VOIP network is on its own VLAN inside the network. The phones were able to connect to the NTP server externally before the new firewall was in place. I have tested numerous access rules but with no luck.

2. VPN - We have set up a site-to-site VPN between the new firewall and a SonicWALL. The SonicWALL is showing the following errors from our firewall:

07/10/2013 12:38:24.192 | Info | VPN IKE | Received IKE SA delete request | 77.107.90.203, 500 | 164.40.213.246, 500 | VPN Policy: New_VPN

6 | 07/10/2013 12:38:24.192 | Warning | VPN IKE | Received notify. NO_PROPOSAL_CHOSEN | 77.107.90.203, 500 | 164.40.213.246, 500

7 | 07/10/2013 12:38:24.160 | Info | VPN IKE | IKE Initiator: Start Quick Mode (Phase 2). | 164.40.213.246, 500 | 77.107.90.203, 500 | VPN Policy: New_VPN

3. Firewall rules for outside coming in do not allow pointing to the NAT object of a device; we have to use the internal network object instead.

Any help would be much appreciated.

Many Thanks

James
