We have recently implemented an ASA5510 replacing our old PIX520. One of the offices here uses a Honeywell digital video recorder that they remotely access via Honeywell's RAS remote access software. Since putting it the ASA they cannot connect to the HRDV. If I try an outside interface bypassing the ASA, everything works fine. Looking at a packet capture, the app uses port 44442 initially then negotiates other ports. When behind the ASA the port negotiation doesn't happen, it just continues to try the same port. I'm kinda confused because this traffic is initiated from the inside so it should come back through with no problem. Thanks all in advance.
We are also experiencing an e-mail issue where the clients are getting multiple copies of a message (100+) so as a troubleshooting procedure I put the old PIX520 back in place. I tried the RAS connection and it worked fine. As far as I can see the firewall configs for both appliances look the same as to access lists/conduits etc. Could it be the IDS side of the ASA5510 that is causing the problems? I'm wondering if someone can look at the configs of both my PIX520 and ASA5510 and tell me the differences as far as traffic allowed etc. Thanks all.
Do you have IDS module in that ASA? Try to disable the esmtp and smtp fixup and see if that makes any difference for email issue. Also for the other issue try to disable the related fixup. are there any logs available?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :