Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
3
Replies

New configuration behaviour

Go to solution
Brendan Wood
Level 1
Level 1

‎07-10-2012 08:16 AM - edited ‎03-11-2019 04:29 PM

Hi,

Would like to know if the following behaviour is normal with a new setup on an ASA having security+ installed;  (or after a reset to factory defaults);

is it normal that we can't access the server on the dmz (remote desktop for example) from the inside(lan) without any access lists or nat rules defined?  I thought this was out of the box behaviour..  I am using version 8.4 of the firmware.

thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎07-10-2012 11:01 AM

Brendan,

outbound connections should be allowed - determined by security-level of the interfaces.

I'm pretty sure we have not changed this behavior for a while.

What have you seen in logs during testing.

Marcin

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎07-10-2012 11:01 AM

Brendan,

outbound connections should be allowed - determined by security-level of the interfaces.

I'm pretty sure we have not changed this behavior for a while.

What have you seen in logs during testing.

Marcin

0 Helpful

Go to solution
Brendan Wood
Level 1
Level 1
In response to Marcin Latosiewicz

‎07-10-2012 07:44 PM

Guess what, the router for some reason fell back to version 8.2 of the ASA firmware when I reset it to factory defaults.  I really don't understand why it fell back to that version again.

So after upgrading again to 8.4 it now allows me to get to the DMZ as you specified.

Any way to have 8.4 the new permanent firmware that will survive a factory defaults command?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to Brendan Wood

‎07-10-2012 11:28 PM

You have both images in Flash. When you do not specify which image to load, the ASA picks the first in flash. When you set your ASA to factory default, your "boot image ..." command is gone and the newer image is not loaded any more. If you are sure that you don't want to go back to the old image, then just delete it from flash.

Sent from Cisco Technical Support iPad App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card