Cisco Spam & Virus Blocker

Hello
How is the license handled on the Spam & Virus Blocker? Our customer has approx. 120 Lotus Notes Mailboxes. But he only use 30 Mailboxes for external Mailing, the other Mailboxes are only used for calendar and internal mailing.
Can I take a Box for 50 users or will this not work? How will the Spam & Virus Blocker handle the license?
Thanks and regards
Luke

relayhost = 192.168.0.000.
I find it extremely unlikely that IP address is valid for your network (or any network, for that matter).
I don't know if you've masked it trying to hide the real address (there's no point since it's a private network address anyway), but just in case that is what you've set, you will need to change that to the actual IP address of the mail appliance.
I did that and tested sending an email to an outside address but no relay.
What do you mean by 'no relay'. Do you mean that the mail server delivered the mail without relaying it through the appliance? Or that the mail didn't get delivered at all?
What do the log files have to say about it?

Similar Messages

Spam & Virus Blocker / Exchange 2007

I have been running the Spam & Virus blocker for a month and love it. I'm in the middle of an email server migration (Ex2003 to Ex2007). I wanted the blocker to start forwarding (SMTP route) to my Ex2007 box instead of my Ex2003 box. The blocker continues to tell me that my Ex2007 box is down (Monitor - Delivery Status) and no mail gets delivered. If I bypass the blocker, mail gets delivered to Ex2007 just fine. Any ideas on how to fix this?

Problem solved, it was an ID10T error. I was asking the blocker to SMTP route to my domain controller and not the Exchange 2007 box. Once I realized my mistake, I put the correct server name into SMTP route, and it works perfect.

Spam and Virus Blocker EOL

Can anyone confirm that come December 31, 2015 the SPAM and VIRUS Blocker will become a brick with no more updates and no ability to to filter SPAM and Viruses?
Very troubling if true. Money spent on a hardware platform just to have it go EOL a couple of years later.

Which model appliance do you have? If you have a "Blocker" which is the small business platform - EOL is listed actually 12/2011.
If you have a C-series, or larger... EOL information for hardware is based here:
http://www.cisco.com/web/ironport/c_x_series_life_cycle.html
EOL information for AsyncOS revisions specific is based here:
http://www.cisco.com/web/ironport/asyncOS_esa_eol_dates.html
-Robert

Spam & Virus check only - no user accounts

I am trying to use one of my OS X Server boxes as a spam/virus filter only. I want it to listen on port 25 and relay to the same machine port 325 to hit another SMTP server. I have entered all of my domains and sub-domains into the virtual domains screen. I have not set up any user accounts.
I see that I can set outgoing SMTP relaying through the GUI and it does seem to accept xxx.xxx.xxx.xxx:325 as a format - but I am not sure that this is legal. Is it? I also found in the archives that this may have to be hand written into the config file as the GUI does not enter relay values correctly. Is this still true in 10.4.4?
How do I force all incoming mail to pass through the server and automatically send on to the outgoing SMTP. This is kind of like a backup mail server that accepts mail and relays it on when the primary comes back on line. Please point me to the config file if that is where I need to be editing.
Dean
Dual G5 2GHz Mac OS X (10.4.4)

I continued work on this issue today. First, I checked and the three User account folders were present in the Users folder along with the one new account created as part of the Mac OSX Tiger A&I. For some reason, not one of these 4 was accessible from the Login screen; it acted exactly if there were no user accounts.
Purchased and installed DiskWarrior 4 on the FW drive and rebuilt the directory of the iMac's internal drive. Ran all other tests available w/ DW. Still no joy on logging in. I should NOT have had to see the Login screen at all if the new user had been created properly.
Punted. Copied everything I thought I would need to the external drive, then did an Erase & Install of OS X Tiger. Applied all updates, no problems logging in. Copied all the original User/username files and folders and restored a few apps.
Finally, after much wasted time, I have all but one App running and all data files, folders, pics, music restored.
Adobe Photoshop Elements 3.0 fails because I apparently failed to save a .plist file somewhere and now I learn too late that PE 3.0 will not install on a 10.4.x system. Sigh.

Anti malware / anti spam / virus protection

Greetings,
With the introduce of Exchange Server 2013 along with its architecture, Microsoft has moved Transport services / roles to Mailbox Server Role. well, when it comes to anti malware / anti spam and viruses , Microsoft recommends deploying them on Mailbox Server
role, while on CAS, not necessarily be deployed as long as messages are not inspected on CAS Servers.
While some articles say the opposite, and mention configuration of Anti malware ,etc.. on CAS Servers.
What is the best practice for deploying anti malware / spam / virus Software on CAS, and what is the best recommended software for messaging and OS level protection, say Symantec for example.
Thanking you
Jamil

Hi,
Based on my knowledge, in Exchange 2013, the CAS server acts as a stateless proxy for all inbound and outbound external SMTP traffic, it does not inspect message content and does not queue any messages locally. Moreover, as you know, in Exchange 2013,
the Transport service, which runs on all Mailbox servers, is almost identical to the Hub Transport server role in previous versions of Exchange.
Thus, anti-spam agents in Exchange 2013 run on Mailbox servers. And here is a reference about enabling Anti-Spam on Mailbox Servers:
http://technet.microsoft.com/en-us/library/bb201691(v=exchg.150).aspx
Thanks,
Angela Shi
TechNet Community Support

Email message rejected for possible spam/virus content

When I do a Reply All on an email that includes my own Mail email address in the recipient list, the reply is delivered to everyone but me. I get a [email protected] email with a Diagnostic code: "smtp;553 5.3.0 17.158.232.236 Your message was rejected for possible spam/virus content.Please ask your email provider to visithttp://emailadmin.registeredsite.com for resolution."
This never happened before. The only thing that has changed on my system is that I have recently installed Webroot SecureAnywhere antivirus. Any ideas?

I suggest you contact godaddy for some support using their mail service.

How to disable spam/virus ?

We are running 10.4.11, disabled all options in Filters tab and mail gets stuck in the queue. I checked main.cf and it looks fine. How to disable spam/virus permanently and let mail thru ?
Before disabling filter, postconf -n :
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mapsrbldomains =
messagesizelimit = 10485760
mydestination = $myhostname,localhost.$mydomain,localhost,mydomainslist
mydomain = domain.net
mydomain_fallback = localhost
myhostname = domain.net
mynetworks = 127.0.0.1/32
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
ownerrequestspecial = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdpw_server_securityoptions = plain,login,cram-md5
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdtls_keyfile =
smtpduse_pwserver = yes
unknownlocal_recipient_rejectcode = 550
virtualaliasmaps = hash:/etc/postfix/virtual
virtualmailboxdomains = hash:/etc/postfix/virtual_domains
virtual_transport = lmtp:unix:/var/imap/socket/lmtp

I just want to add that i followed pterobyte's instructions from http://discussions.apple.com/thread.jspa?threadID=2402121&tstart=0 and updated ClamAV. It seemed to work fine for a day and all of a sudden mails were getting queued.

SMS spam not blocked

some unknown source is sending me sms spam ,i blocked it (the IOS block feature) but it is still sending me sms. does block feature work in iphone ?
and no ,sms block is NOT a carrier feature .maybe it is in the US , but not in other countries.
screenshots:
http://s7.postimg.org/amwd44yxn/image.png
http://s13.postimg.org/429bljyjb/image.png

i already contacted them ,other people in my area did the same. the matter is : the carrier does share a cut of these adds so they don't want you to block it. and without some long procedure i will never be able to block that add. and even if i cancel it another add will begin in days. i have some experience with this.
my cell phone is very powerful and it is setting just next to me , the phone should simply block it. i can't see any technical difficulty in that .android does it it is very very simple. google block email spam (also email has filters) why can't a phone filter sms as well ? simple question.
sms should be filtered by keyword as well : e.g. if the word "discount" was mentioned from unknown number just transfer that sms to trash. very very simple. i can't see why people make seem like very difficult.
security ? no problem permission system is already in place ,similar to camera and GPS permission systems.

Spam / Virus / Mail Reporting Tools

Does anyone have an recommendations on how i find the stats for what the Leopard mail server is upto? Just daily reports on the volumes of mails / spams / virus scans would be great.
Thanks.
N.

I second pterobyte's suggestion of mailgraph. It took me about 5 minutes; about as painful as a bandaid. And the resulting database can be parsed and mailed a million was with rrdtool. A big benefit that may make it worth it to you is that it handles the time data; any other script you put together will have to keep track of what it has and hasn't seen, etc. where with mailgraph and rrdtool you can whip up a command line that summarizes running-average data and mails it to you (optionally with attached images).
That said, if you really want something else, I imagine they exist. I have run several other mail log analyzers (that's a good search term) that work passably well. None were as nice as mailrrd, though.

Spam/Virus Statistics or Report per Users.

Is there any workaround to generate a spam statistics/report per
users? so we could send our users report about spam/virus that
access to their account.
Thanks.

The 'monitor -> internal users' page in the Ironport WebGUI gives you user mail flow details for internal users(both inbound and outbound email). You can search for a specific user and obtain user specific stats. Also, these reports may be imported to CSV format if you need to plot them separately.

I just got an email from Apple, asking me to complete a survey. If I don't then I'll loose my Apple ID. I think this is spam/virus/hacker. Anybody have any info on this?

i just got an email from Apple, asking me to complete a survey. If I don't then I'll loose my Apple ID. I think this is spam/virus/hacker. Anybody have any info on this?

There have been a number of phishing scam emails going around for at least half a year...do not respond, click links, or do anything with that email. Apple does not operate that way.
See: http://www.apple.com/legal/more-resources/phishing/

I got an email that looks like Spam or Phising that states in header: "Apple online access activation". Is it Spam/Virus/Phishing..???

I got an email that looks like Spam or Phising that states in header: "Apple online access activation". Is it Spam/Virus/Phishing..???.. It came from email: Apple [email protected] ... Thanks...

Identifying fraudulent "phishing" email
You can report spam to: [email protected]

Skype spam virus

hello my skype account is sending spam messages, I've tried the solution in the following thread but the spam is not going away http://community.skype.com/t5/Windows-archive/Skype-spam-virus/m-p/1092492#M66501 I have changed my password and even uninstalled skype from the PC i used it most, ran several antivirus/malware scans but the spam just keeps going on, I don't know what else to do

Same thing happens to me. My Skype is sending out links with goog.le/.... adresses to my contacts. How can I fix this?

Relay mail through Cisco Spam and Virus Blocker Appliance

I originally tried to add the ip in the relay mail through in the server admin. This didn't work and talked to apple support, did an enterprise capture after they were able to replicate the problem on their machine, and the engineer suggested adding the following line to the /etc/postfix/main.cf file:
relayhost = 192.168.0.000.
I did that and tested sending an email to an outside address but no relay. Does anyone have any other ideas?

relayhost = 192.168.0.000.
I find it extremely unlikely that IP address is valid for your network (or any network, for that matter).
I don't know if you've masked it trying to hide the real address (there's no point since it's a private network address anyway), but just in case that is what you've set, you will need to change that to the actual IP address of the mail appliance.
I did that and tested sending an email to an outside address but no relay.
What do you mean by 'no relay'. Do you mean that the mail server delivered the mail without relaying it through the appliance? Or that the mail didn't get delivered at all?
What do the log files have to say about it?

Cisco ASA 5505 Blocking LAN Domain Queries

Hi guys,
Okay my scenario, datacentre hosted system with 4 servers connected to a CISCO ASA5505, everything was working fine with 4x windows server 2003 machines but since pulling 2 out and replacing them with windows server 2008 machines i get a flood of the error below and it blocks communications back to the IP listed which is the domain controller so naturally this makes the 2 new servers unusable.
1: they are all connected to the inside VLAN directly via the ASA's switch ports.
2: the are all in the same 255.255.255.0 subnet including the ASA inside interface
3: removing the gateway on the affected machines makes no difference the ASA continues to block it which indicates whether or not the machines use the asa as a gateway its inspecting the traffic and blocking
I have posted the error below and my config, its strange its only affecting the new server 2008 machines and im hoping you can offer suggestions.
Errors:
2 Dec 08 2012 12:02:41 106007 10.50.15.117 55068 DNS Deny inbound UDP from 10.50.15.117/55068 to 10.50.15.5/53 due to DNS Query
Result of the command: "show run"
: Saved
ASA Version 8.2(1)
hostname xxxxx-ASA5505
domain-name xxx.local
enable password
passwd
names
name 10.50.17.0 Hobart description Hobart
name 10.50.16.0 Launceston description Launceston
name 10.50.18.0 Burnie description Burnie
name 10.50.24.0 Devonport description Devonport
name 10.50.23.0 burniewilmot description burniewilmot
name 10.50.35.0 Warrnamboolmain description warrnamboolmain
name 10.50.30.0 hamilton description hamilton
name 10.50.20.0 Portland description Portland
name 10.50.31.0 Camperdown description Camperdown
name 10.50.32.0 wboolsh description wboolsh
name 10.50.33.0 wblthy description wblthy
dns-guard
interface Vlan1
nameif inside
security-level 100
ip address 10.50.15.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 111.223.228.154 255.255.255.248
interface Vlan5
no forward interface Vlan1
nameif dmz
security-level 50
ip address dhcp
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone EST 10
clock summer-time EDT recurring last Sun Oct 2:00 last Sun Mar 3:00
dns server-group DefaultDNS
domain-name xxx.local
object-group service IpPrinting tcp
port-object eq 9100
object-group icmp-type icmp
icmp-object alternate-address
icmp-object conversion-error
icmp-object echo
icmp-object echo-reply
icmp-object information-reply
icmp-object information-request
icmp-object mask-reply
icmp-object mask-request
icmp-object mobile-redirect
icmp-object parameter-problem
icmp-object redirect
icmp-object router-advertisement
icmp-object router-solicitation
icmp-object source-quench
icmp-object time-exceeded
icmp-object timestamp-reply
icmp-object timestamp-request
icmp-object traceroute
icmp-object unreachable
object-group network dns_servers
network-object host 10.50.15.5
object-group service domain udp
port-object eq domain
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object udp
protocol-object tcp
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any eq domain
access-list inside_access_in extended permit udp any any object-group domain
access-list outside_access_in extended permit ip any any inactive
access-list outside_access_in extended permit tcp any 111.223.228.152 255.255.255.248 eq smtp
access-list outside_access_in extended permit tcp any 111.223.228.152 255.255.255.248 eq www
access-list vpnusers_splitTunnelAcl standard permit 111.223.231.120 255.255.255.248
access-list inside_nat0_outbound extended permit ip 111.223.231.120 255.255.255.248 14.0.0.0 255.255.255.240
access-list inside_nat0_outbound extended permit ip 111.223.231.120 255.255.255.248 111.223.228.152 255.255.255.248
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 111.223.228.152 255.255.255.248
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Hobart 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Warrnamboolmain 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Launceston 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 14.0.0.0 255.255.255.240
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Burnie 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Devonport 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 burniewilmot 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 hamilton 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Portland 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 Camperdown 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 wboolsh 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.50.15.0 255.255.255.0 wblthy 255.255.255.0
access-list outside_1_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Hobart 255.255.255.0
access-list outside_1_cryptomap_1 extended permit ip 10.50.15.0 255.255.255.0 Launceston 255.255.255.0
access-list outside_2_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Burnie 255.255.255.0
access-list outside_3_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Hobart 255.255.255.0
access-list outside_4_cryptomap extended permit ip 10.50.15.0 255.255.255.0 burniewilmot 255.255.255.0
access-list outside_5_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Warrnamboolmain 255.255.255.0
access-list outside_6_cryptomap extended permit ip 10.50.15.0 255.255.255.0 hamilton 255.255.255.0
access-list outside_7_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Portland 255.255.255.0
access-list outside_8_cryptomap extended permit ip 10.50.15.0 255.255.255.0 Camperdown 255.255.255.0
access-list outside_9_cryptomap extended permit ip 10.50.15.0 255.255.255.0 wboolsh 255.255.255.0
access-list outside_10_cryptomap extended permit ip 10.50.15.0 255.255.255.0 wblthy 255.255.255.0
access-list dmz_access_in extended permit tcp any interface outside eq www inactive
access-list dmz_access_in extended permit tcp any 111.223.228.152 255.255.255.248 eq smtp
pager lines 24
logging enable
logging asdm warnings
mtu inside 1300
mtu outside 1300
mtu dmz 1500
ip local pool vpnclient 14.0.0.1-14.0.0.15 mask 255.0.0.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 10.50.15.0 255.255.255.0
static (outside,inside) tcp 10.50.15.5 www 0.0.0.0 www netmask 255.255.255.255
static (inside,outside) tcp interface www 10.50.15.5 www netmask 255.255.255.255 dns
static (inside,outside) tcp interface smtp 10.50.15.5 smtp netmask 255.255.255.255 dns
static (inside,inside) 10.50.15.0 255.255.255.0 netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
access-group dmz_access_in in interface dmz
route outside 0.0.0.0 0.0.0.0 111.223.228.153 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-reco
rd DfltAccessPolicy
aaa authentication enable console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 outside
http 10.50.15.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set esp-des-sha esp-des esp-sha-hmac
crypto ipsec transform-set 3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ipsec df-bit clear-df outside
crypto dynamic-map outside_dyn_map 1 set transform-set ESP-3DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 58.96.86.56
crypto map outside_map 1 set transform-set esp-des-sha
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map0 1 match address outside_1_cryptomap_1
crypto map outside_map0 1 set peer 59.167.207.106
crypto map outside_map0 1 set transform-set ESP-3DES-SHA
crypto map outside_map0 2 match address outside_2_cryptomap
crypto map outside_map0 2 set peer 59.167.204.53
crypto map outside_map0 2 set transform-set ESP-3DES-SHA
crypto map outside_map0 3 match address outside_3_cryptomap
crypto map outside_map0 3 set pfs
crypto map outside_map0 3 set peer 203.45.159.34
crypto map outside_map0 3 set transform-set ESP-3DES-SHA
crypto map outside_map0 4 match address outside_4_cryptomap
crypto map outside_map0 4 set peer 203.45.134.39
crypto map outside_map0 4 set transform-set ESP-3DES-SHA
crypto map outside_map0 5 match address outside_5_cryptomap
crypto map outside_map0 5 set peer 58.96.75.47
crypto map outside_map0 5 set transform-set ESP-3DES-SHA
crypto map outside_map0 6 match address outside_6_cryptomap
crypto map outside_map0 6 set peer 58.96.85.151
crypto map outside_map0 6 set transform-set ESP-3DES-SHA
crypto map outside_map0 7 match address outside_7_cryptomap
crypto map outside_map0 7 set peer 58.96.78.238
crypto map outside_map0 7 set transform-set ESP-3DES-SHA
crypto map outside_map0 8 match address outside_8_cryptomap
crypto map outside_map0 8 set peer 58.96.69.82
crypto map outside_map0 8 set transform-set ESP-3DES-SHA
crypto map outside_map0 9 match address outside_9_cryptomap
crypto map outside_map0 9 set peer 58.96.83.244
crypto map outside_map0 9 set transform-set ESP-3DES-SHA
crypto map outside_map0 10 match address outside_10_cryptomap
crypto map outside_map0 10 set peer 58.96.80.122
crypto map outside_map0 10 set transform-set ESP-3DES-SHA
crypto map outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map0 interface outside
crypto isakmp enable outside
crypto isakmp policy 2
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 50
authentication pre-share
encryption des
hash sha
group 1
lifetime 86400
crypto isakmp policy 70
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address 10.50.15.50-10.50.15.55 inside
dhcpd dns 10.50.15.5 interface inside
no threat-detection basic-threat
no threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 130.194.10.150
webvpn
group-policy xxx internal
group-policy xxx attributes
dns-server value 10.50.15.5
vpn-tunnel-protocol IPSec
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
dhcp-network-scope 14.0.0.0
vpn-tunnel-protocol IPSec webvpn
ipv6-address-pools none
group-policy vpnusers internal
group-policy vpnusers attributes
dns-server value 10.50.15.5 139.130.4.4
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpnusers_splitTunnelAcl
username aspireremote password
username aspireremote attributes
service-type remote-access
username richard.lawes password
username netscreen password
tunnel-group DefaultL2LGroup ipsec-attributes
isakmp keepalive threshold 15 retry 2
tunnel-group DefaultRAGroup ipsec-attributes
isakmp keepalive threshold 15 retry 2
tunnel-group DefaultWEBVPNGroup ipsec-attributes
isakmp keepalive threshold 15 retry 2
tunnel-group TunnelGroup1 type remote-access
tunnel-group TunnelGroup1 general-attributes
address-pool (outside) vpnclient
address-pool vpnclient
default-group-policy GroupPolicy1
dhcp-server 192.168.0.5
tunnel-group TunnelGroup1 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group vpnusers type remote-access
tunnel-group vpnusers general-attributes
address-pool vpnclient
default-group-policy vpnusers
tunnel-group vpnusers ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 59.167.207.106 type ipsec-l2l
tunnel-group 59.167.207.106 ipsec-attributes
pre-shared-key *
tunnel-group aspirevpn type remote-access
tunnel-group aspirevpn general-attributes
address-pool vpnclient
default-group-policy xxxvpn
tunnel-group xxxvpn ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 59.167.204.53 type ipsec-l2l
tunnel-group 59.167.204.53 ipsec-attributes
pre-shared-key *
tunnel-group 203.45.159.34 type ipsec-l2l
tunnel-group 203.45.159.34 ipsec-attributes
pre-shared-key *
tunnel-group 203.45.134.39 type ipsec-l2l
tunnel-group 203.45.134.39 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 58.96.75.47 type ipsec-l2l
tunnel-group 58.96.75.47 ipsec-attributes
pre-shared-key *
tunnel-group 58.96.85.151 type ipsec-l2l
tunnel-group 58.96.85.151 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 58.96.78.238 type ipsec-l2l
tunnel-group 58.96.78.238 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 58.96.69.82 type ipsec-l2l
tunnel-group 58.96.69.82 ipsec-attributes
pre-shared-key *
tunnel-group 58.96.83.244 type ipsec-l2l
tunnel-group 58.96.83.244 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
tunnel-group 58.96.80.122 type ipsec-l2l
tunnel-group 58.96.80.122 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 15 retry 2
prompt hostname context

Hello Richard,
My first though is why is the ASA receiving this traffic is this is traffic that should not reach the default-gateway.
Anyway try the following
same-security-traffic permit intra-interface
Let me know how it goes
Julio

Cisco Spam & Virus Blocker

Similar Messages

Maybe you are looking for