Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

New configuration behaviour

Hi,

Would like to know if the following behaviour is normal with a new setup on an ASA having security+ installed;  (or after a reset to factory defaults);

is it normal that we can't access the server on the dmz (remote desktop for example) from the inside(lan) without any access lists or nat rules defined?  I thought this was out of the box behaviour..  I am using version 8.4 of the firmware.

thanks.

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

New configuration behaviour

Brendan,

outbound connections should be allowed - determined by security-level of the interfaces.

I'm pretty sure we have not changed this behavior for a while.

What have you seen in logs during testing.

Marcin

3 REPLIES
Cisco Employee

New configuration behaviour

Brendan,

outbound connections should be allowed - determined by security-level of the interfaces.

I'm pretty sure we have not changed this behavior for a while.

What have you seen in logs during testing.

Marcin

Community Member

New configuration behaviour

Guess what, the router for some reason fell back to version 8.2 of the ASA firmware when I reset it to factory defaults.  I really don't understand why it fell back to that version again.

So after upgrading again to 8.4 it now allows me to get to the DMZ as you specified.

Any way to have 8.4 the new permanent firmware that will survive a factory defaults command?

VIP Purple

Re: New configuration behaviour

You have both images in Flash. When you do not specify which image to load, the ASA picks the first in flash. When you set your ASA to factory default, your "boot image ..." command is gone and the newer image is not loaded any more. If you are sure that you don't want to go back to the old image, then just delete it from flash.

Sent from Cisco Technical Support iPad App

218
Views
0
Helpful
3
Replies
CreatePlease to create content