I have an ASA connected to an rfc1918 network via a cryptomap.
[inside:10.0.0.1:ASA :184.108.40.206:outside]<--- cryptomap vpn ---->[ another ASA ]<--->192.168.1.10
Now 192.168.1.10 can ping (and get icmp echo replies) from 10.0.0.1, but when I try to ping 192.168.1.10 from the ASA it'self, the syslog shows an error:
Deny IP spoof from (220.127.116.11) to 192.168.1.10 on interface outside.
So how do I apply an access list to the internal interface of the ASA that will allow me to "nat 0" it's own internal interface? Usually the access lists are set up so that packets coming *into* the interface can be nat exempted, but how do I do it if the packet originates from the ASA?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...