Cisco ASA – ‘Prove it’s Not The Firewall!’
Nov17

KB ID 0001049

Problem

Yeah, it’s funny because it’s true! The article title might not sound like the most professional approach, but when the ‘Well it’s not working now’ finger gets pointed at the ‘firewall guy/girl’, they need to ascertain two things: 1. Is the problem actually the firewall? If not, then help the frustrated party track down the actual problem. 2. If your problem IS the...

Cisco ASA (acl-drop) Flow is Denied by Configured Rule
Nov17

KB ID 0001108

Problem

Packet-tracer is a brilliant troubleshooting tool, but sometimes interpreting the output proves to be more difficult than actually fixing the problem. If your output fails at the access-list section, this is the sort of thing you will see:

Petes-ASA# packet-tracer input inside tcp 10.2.2.10 80 123.123.123.123 80
—-Output removed for the sake of brevity—
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:...
