I am trying to setup a wireless guest access for a customer that has an asa 5520 v 8.0(I think) In any case we have everything working and the wireless is going out to the internet fine. The issue we are seeing is that when they try to access their websites from a the guest wireless, they get the external IP address and I am assuming because of antispoofing, it is not allowing the packet to come back in. Is there any way around this? I know in the Checkpoint you can set up a exclusion to do this.
it has 4 interfaces in use, internet,internal,wireless guest, and dmz which is where the webs are. I am assuming that when the wireless traffic goes out the internet port and tries to come bacck in the antispoofing drops it. the destination nat thing sounds familiar. if you point me to a link or something it would be appreciated.
That sounds like something I had done in the past on a old pix I just couldn't remember it. So it would appear that is my only option then? The checkpoint had a option of specifying what to bypass with antispoofing I just could not find anything with a pix/ASA to do that. Also the DNS doctoring would do about the same thing I just wouldn't have to create all the NAT rules but rather create alias commands to convert the DNS. We have gotten around this somewhat by using the DMZ DNS servers for the wireless clients and allowing the wireless to access these servers by the DMZ addressing. The real issue is that they have hundereds of subdomains that are not on the DMZ DNS server but are only on the internet DNS server.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...