Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Xbox Live issue with ASA5505

I use a Cisco ASA5505 at home to allow VPN access to work.  For some reason, I'm unable to use Xbox Live Messenger or Group invites.  When I do a network test, everything goes through, except that I get an exclamation saying that my NAT is set to Moderate.  Everything seems to work fine as far as downloading and sending messages, but I can't use Messenger or get into Groups.  I'm still pretty new to setting up Cisco equipment, so I know I'm missing something.  Here is a copy of my "show run" from the ASA:

Thanks

!
interface Vlan1
description Garda VPN network
nameif inside
security-level 100
(IP DELETED)
!
interface Vlan2
description Internet
nameif outside
security-level 0
ip address dhcp setroute
!
interface Vlan3
description Home network
no forward interface Vlan1
nameif dmz
security-level 1
ip address 192.168.2.1 255.255.255.0
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 3
!
interface Ethernet0/2
switchport access vlan 3
!
interface Ethernet0/3
switchport access vlan 3
!
interface Ethernet0/4
switchport access vlan 3
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS

same-security-traffic permit inter-interface
access-list outside_access_in extended permit icmp any any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip verify reverse-path interface outside
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp deny any outside
icmp permit any dmz
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 101 interface
nat (inside) 101 0.0.0.0 0.0.0.0
nat (dmz) 101 0.0.0.0 0.0.0.0
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 10.0.0.0 255.0.0.0 inside
http (IP DELETED) 255.255.255.240 inside
http 192.168.2.0 255.255.255.0 dmz
http 10.0.0.0 255.0.0.0 outside
snmp-server location Home Network
snmp-server contact Gary Shamlian
snmp-server community ATSRO
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet (IP DELETED) 255.255.255.240 inside
telnet 10.0.0.0 255.0.0.0 inside
telnet 10.0.0.0 255.0.0.0 outside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd auto_config outside
!
dhcpd address (IP DELETED) inside
dhcpd dns (IP DELETED) interface inside
dhcpd wins (IP DELETED) interface inside
dhcpd domain (DOMAIN DELETED) interface inside
dhcpd option 150 ip (IP DELETED) interface inside
dhcpd enable inside
!
dhcpd address 192.168.2.100-192.168.2.131 dmz
dhcpd enable dmz
!
vpnclient server (IP DELETED)
vpnclient mode network-extension-mode
vpnclient nem-st-autoconnect
vpnclient vpngroup (GROUP DELETED) password ********
vpnclient username (NAME DELETED) password ********
vpnclient enable
priority-queue inside
ntp server (IP DELETED) source outside prefer
ntp server (IP DELETED) source outside
ntp server (IP DELETED) source outside
ntp server (IP DELETED) source outside
ntp server (IP DELETED) source outside
ntp server (IP DELETED) source outside
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
  inspect pptp
  inspect ipsec-pass-thru
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:b97849320c12fc522be97262990b08e2
: end

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Xbox Live issue with ASA5505

Hi gshamlian,

Sorry for the late reply but the ASA 5500 series is considered a Cisco Classic product and this forum is for Cisco Small Business Products.

I did some research and found a post in the Cisco NetPro Forums that may be of help.  Please click here for more info.

Best regards,

Cindy Toy

Cisco Small Business Support

Community Manager

Regards, Cindy If my response answered your question, please mark the response as answered. Thank you!
2 REPLIES
Silver

Re: Xbox Live issue with ASA5505

Hi gshamlian,

Sorry for the late reply but the ASA 5500 series is considered a Cisco Classic product and this forum is for Cisco Small Business Products.

I did some research and found a post in the Cisco NetPro Forums that may be of help.  Please click here for more info.

Best regards,

Cindy Toy

Cisco Small Business Support

Community Manager

Regards, Cindy If my response answered your question, please mark the response as answered. Thank you!
Community Member

Re: Xbox Live issue with ASA5505

Cindy,

Thanks so much for the reply.  Sorry for the misplacement of my question, I didn't know where else to post it.  I actually returned my ASA to the network department for redistribution and am using a software vpn instead.  I'll keep this thread handy though in case my company ever does away with the software vpn and moves to strictly hardware vpn access.

4581
Views
0
Helpful
2
Replies
CreatePlease to create content