acomiskey

Member Since: Jan 10, 2007

English
acomiskey commented on ASA with FIREPower Service and licensing in License 5 months ago

I guess what was confusing is it sounds like the subscription is included in the bundle, in other...

acomiskey commented on ASA with FIREPower Service and licensing in License 5 months ago

I'm confused. Here is a snippet from the Firepower data sheet. "The following table includes Cisco...

acomiskey commented on Help Site to Site VPN Config in VPN 4 years ago

Did you do something similar for your nat exemption access list as well?

acomiskey commented on Urgent!!L2L vpn ASA 5005 & 1841, issue QM FSM error in VPN 4 years ago

Your crypto acl's should be exact mirrors of each other.If your router acl isaccess-list 111 permit...

acomiskey commented on Unable to delete user - Unity Connection in IP Telephony 4 years ago

Bump. Any help?

acomiskey commented on Unable to delete user - Unity Connection in IP Telephony 4 years ago

The user was deleted from the CUCM admin. The problem is it still shows in the Unity admin and won...

acomiskey commented on Unable to delete user - Unity Connection in IP Telephony 4 years ago

Sorry this is business edition. I'll try a reboot if I have a chance.

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

Wow, you're good! Thanks a million.

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

SCCP (Skinny)On the route list configuration I have Use calling party's external phone number mask...

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

You'd have to dumb that down for me a bit...haha. This is UCMBE w/ 2821 SRST + PRI.I played around...

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

Thanks Chris, the port monitor pointed me to the right direction.Here is the real issue.  I had...

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

Yes, line1 DN is associated with my user in unity. Default profile is the only profile and it is...

acomiskey commented on Shared line + Messages Button behavior help in IP Telephony 4 years ago

Yes I reset the phone.  The connection is being established on line1.

acomiskey commented on VPN clients cannot access remote site through site-to-site VPN in VPN 4 years ago

No, don't remove on the other end. That is needed.What does your split tunnel acl look like on...

acomiskey commented on VPN clients cannot access remote site through site-to-site VPN in VPN 4 years ago

You shouldn't need those last 2 lines there as the nat0 is applied to the inside interface, while...

acomiskey commented on VPN clients cannot access remote site through site-to-site VPN in VPN 4 years ago

It looks like you have the traffic defined in the crypto acl's and the nat0 acl on the site B asa...

acomiskey commented on configure communication from inside network to DMZ in Firewalling 4 years ago

Thanks for correcting me Ankur.

acomiskey commented on configure communication from inside network to DMZ in Firewalling 4 years ago

edit: Corrected by Ankur.

acomiskey commented on using IP "aliases" on ASA5505 in Firewalling 4 years ago

As long as the ISP is routing them to you, you can simply use them in your static/nat commands. No...

acomiskey commented on DMZ to "outside only" traffic in Firewalling 4 years ago

The way to do what you want is with an access list. There is no way to tell the ASA to filter on...

acomiskey commented on Windows Workgroup disabled when using Anyconnect in VPN 4 years ago

Unfortunately this isn't up to you, allowing local lan access is not a client setting. It would...

acomiskey commented on DMZ to "outside only" traffic in Firewalling 4 years ago

You must first deny traffic to the inside, then allow traffic to everything else. The ASA will...

acomiskey commented on Static to Dynamic ASA VPN Problems in VPN 4 years ago

I usually have to enable/disable pfs on one end or the other when I see the qm fsm error...but...

acomiskey commented on isolate internal net on port 4 asa 5505 in Firewalling 4 years ago

Create a new vlan interface and assign it a security level between your outside (100) and inside (0...

acomiskey commented on How to download Client in VPN 4 years ago

There absolutely is a 64 bit version of the ipsec vpn client. There wasn't for a long time but it's...

acomiskey commented on DMZ to INSIDE subnet access in WAN, Routing and Switching 4 years ago

access-list dmz_in extended permit tcp host 192.168.220.21 host 10.10.10.5 eq ftpaccess-group...

acomiskey commented on Can't ping anything from a VPN client - ASA 5510 in VPN 4 years ago

Kevin,My first recommendation would be to use another network for your vpn clients. You don't want...

acomiskey commented on ASA 5505 - Cannot ping outside natted interface in Firewalling 4 years ago

You are looking for this. 2 options, dns doctoring, or hairpinning (2nd part of document.) Post...

acomiskey commented on Remote VPN using Site 2 Site VPN in VPN 4 years ago

3 things. You must allow traffic to enter/exit same interface at ASA-01same-security-traffic permit...

acomiskey commented on query on nat exemption and anyconnect vpn client in VPN 4 years ago

Would have to see your config to tell you why it's working without nat exemption, but it is...

acomiskey commented on Access from DMZ in one location to Inside at another location - between Cisco ASA devices in LAN, Switching and Routing 4 years ago

I guess I'm confused as to where these 2 hosts are. Are you saying that 10.8.20.10 is in the dmz of...

acomiskey commented on Access from DMZ in one location to Inside at another location - between Cisco ASA devices in LAN, Switching and Routing 4 years ago

Try adding.... static (inside,dmz) 10.8.22.0 10.8.22.0 netmask 255.255.255.0

acomiskey commented on Two Branch VPN communication? in VPN 4 years ago

Yes that is possible but would need to be configured.Headquarters - add this to allow traffic to...

acomiskey commented on Packet Loss on Catalyst in WAN, Routing and Switching 4 years ago

Try a "show int status" on the catalyst, check if any of the ports are running 10Mb or half duplex.

acomiskey commented on Firewall ACL bypass doubt in Firewalling 4 years ago

Yes it would be allowed.

acomiskey commented on RIP and Static Routes all mixed up in WAN, Routing and Switching 4 years ago

John, perhaps you could rephrase what the issue is exactly, you may get more help. As it appears,...

acomiskey commented on Access to DMZ from remote sites over S2S VPN in VPN 4 years ago

Yes. So if you're doing this in ASDM under Edit Site to Site connection Profile, it will look like...

acomiskey commented on Access to DMZ from remote sites over S2S VPN in VPN 4 years ago

Add the following traffic to your existing vpn's. You have to tell the ASA's to encrypt this...

acomiskey commented on Access to DMZ from remote sites over S2S VPN in VPN 4 years ago

As long as the traffic is specified in your crypto aclsaccess-list xxx extended permit ip 10.1.0.0...

acomiskey commented on Help with Hairpin/U-Turn VPN in VPN 4 years ago

3 things. You must allow traffic to enter/exit same interface at Head office.same-security-traffic...

acomiskey commented on Help with Site to Site VPN on ASA5505 in VPN 4 years ago

Curious if you had any success with the solution above?

acomiskey commented on no sysopt connection permit-vpn or VPN filter in Firewalling 4 years ago

Only tried vpn-filter once and it didn't work properly, but that was a while ago. I think I was...

acomiskey commented on VPN/P2P Routing in Firewalling 4 years ago

Site A ASA needs a route to the 192.168.4.0 network.route inside 192.168.4.0 255.255.255.0 192.168....

acomiskey commented on L2L VPN without remote peer IP address in VPN 4 years ago

If they initiate the connection then yes it will work but the configuration will vary depending on...

acomiskey commented on Help with Site to Site VPN on ASA5505 in VPN 4 years ago

Ok Steven, I got this set up and working between 2 ASA5505's. Here are the configs. What you need...

acomiskey commented on Network redesign w/ 5510 and 2951 in Firewalling 4 years ago

ASA

acomiskey commented on Network redesign w/ 5510 and 2951 in Firewalling 4 years ago

Should be as simple as putting a small transport network between the ASA and the router. Set...

acomiskey commented on Help with Site to Site VPN on ASA5505 in VPN 4 years ago

Yes it is correct. The whole idea of what you are doing here is to hide the real address behind a...

acomiskey commented on Help with Site to Site VPN on ASA5505 in VPN 4 years ago

I think I may finally understand this myself. With this configaccess-list POLICY_NAT extended...

acomiskey commented on Help with Site to Site VPN on ASA5505 in VPN 4 years ago

Steven, I assume you have a similar static policy nat configuration on the sonicwall end as well?

Bio












acomiskey's Stats

Points3296
Discussion started 72
Answers marked as Correct 296
Endorsed 0
Content Rated 68