Configuration Required for Transparent Firewall ASA8.2
Dear All,
I have one firewall need to be configured in transparent mode. I have inside and outside router. Can anyone just give me the configuration of transparent firewall ASA8.2 pelase. I didnt find the configuration on Cisco site.
Regards,
Ali.....
Dear jcarvaja
Reference made to our previous communication regarding transparent firewall. Following are my full config with your required capture. I can still ping to the managment of ASA from inside and outside. But traffic is not transiting.
Inside Capture
sh capture INSIDE
24 packets captured
1: 00:11:45.244326 802.3 encap packet
2: 00:11:47.289245 802.3 encap packet
3: 00:11:49.233325 802.3 encap packet
4: 00:11:51.264039 802.3 encap packet
5: 00:11:53.258607 802.3 encap packet
6: 00:11:55.293060 802.3 encap packet
7: 00:11:57.339719 802.3 encap packet
8: 00:11:59.331113 802.3 encap packet
9: 00:12:01.343549 802.3 encap packet
10: 00:12:03.335218 802.3 encap packet
11: 00:12:05.349347 802.3 encap packet
12: 00:12:07.393152 802.3 encap packet
13: 00:12:09.117242 arp who-has 7.7.7.3 tell 7.7.7.2
14: 00:12:09.341931 802.3 encap packet
15: 00:12:11.103693 arp who-has 7.7.7.3 tell 7.7.7.2
16: 00:12:11.409341 802.3 encap packet
17: 00:12:13.102198 arp who-has 7.7.7.3 tell 7.7.7.2
18: 00:12:13.412393 802.3 encap packet
19: 00:12:15.088832 arp who-has 7.7.7.3 tell 7.7.7.2
20: 00:12:15.393244 802.3 encap packet
21: 00:12:16.206959 802.3 encap packet
22: 00:12:17.106043 arp who-has 7.7.7.3 tell 7.7.7.2
23: 00:12:17.448661 802.3 encap packet
24: 00:12:19.410760 802.3 encap packet
Outside Capture
1: 00:11:56.916105 802.3 encap packet
2: 00:11:58.879074 802.3 encap packet
3: 00:12:00.938367 802.3 encap packet
4: 00:12:02.893935 802.3 encap packet
5: 00:12:04.935437 802.3 encap packet
6: 00:12:06.927488 802.3 encap packet
7: 00:12:08.875702 802.3 encap packet
8: 00:12:09.117242 arp who-has 7.7.7.3 tell 7.7.7.2
9: 00:12:10.931104 802.3 encap packet
10: 00:12:11.113244 arp who-has 7.7.7.3 tell 7.7.7.2
11: 00:12:12.944088 802.3 encap packet
12: 00:12:13.102198 arp who-has 7.7.7.3 tell 7.7.7.2
13: 00:12:14.933331 802.3 encap packet
14: 00:12:15.088832 arp who-has 7.7.7.3 tell 7.7.7.2
15: 00:12:15.642453 802.3 encap packet
16: 00:12:16.948101 802.3 encap packet
17: 00:12:17.106043 arp who-has 7.7.7.3 tell 7.7.7.2
18: 00:12:18.968348 802.3 encap packet
19: 00:12:20.969066 802.3 encap packet
20: 00:12:22.976695 802.3 encap packet
21: 00:12:25.012572 802.3 encap packet
ASA
: Saved
ASA Version 8.0(2)
firewall transparent
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
interface Ethernet0/1
shutdown
no nameif
no security-level
interface Ethernet0/2
shutdown
no nameif
no security-level
interface Ethernet0/3
nameif inside
security-level 100
interface Ethernet0/4
shutdown
no nameif
no security-level
interface Ethernet0/5
shutdown
no nameif
no security-level
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list OUT extended permit icmp any any
pager lines 24
mtu outside 1500
mtu inside 1500
ip address 7.7.7.10 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
access-group OUT in interface outside
access-group OUT in interface inside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect icmp
service-policy global_policy global
prompt hostname context
Cryptochecksum:00000000000000000000000000000000
Similar Messages
-
Configurations required for IDOC to File
Can any body suggest me the configuration required for integrating remote R/3 system with the XI Server.
I want to know the following.
1) How and where to configure R/3 with the XI server.
2) What are the configurations required for Outbound and Inbound IDocs in R/3 and XI Servers.Hi Rajeshwar,
take a look over here:
https://www.sdn.sap.com/sdn/weblogs.sdn?blog=/weblogs/topic/16
you'll find at least 5 weblogs that show the idoc configuration
Regards,
michal
XI FAQ - http://www.bcc.com.pl/netweaver/sapxifaq -
What are the backend configuration required for photo upload from portal?
Hi all,
When i am trying to upload the photo from portal it is giving error
can not archive the photo
we are using portal 7 and ecc 6.0
I want to know
What are the backend configuration required for photo upload from portal
Can any but help me out
RajendraHi,
Are you using the standard iview. If that's the case you need to configure in the backend. Meaning you need to store the photo in the Org management(HR) which the HR functional guys will do. You just need to add the iview to your role.
Let me know if you require further informationn.
Award points if helpful.
Cheers,
sathya -
Configuration required for attached for a file in a PO in ECC 6.0
Hi All,
1) Is any configuration/setting required for attaching a file in a PO/PR ECC 6.0.
2) How we can mail /send that file, is any enhancement required
KunwarHi,
In One ID for any PO ,when go sytem in toolbar --> sevices for object,I am getting the services for object and showing the attachment ,but in another ID with same server ,computer ,it is showing "No services avaiable"
please guide any configuration/ setting missing?
Kunwar -
Sql Server configuration requirements for SAP ECC 6.0
Dear All,
I am using Sql server 2005 Enterprise as data store for Sap ecc 6.0.There are certain configuration requirements to be done while installing it so that sapinst.exe (sap installer) is able to use it to create its own DB's.
For eg it requires a collation of SQL_Latin1_General_CP850_BIN2 whereas the default that gets installed is SQL_Latin1_General_CP1_CI_AS.
Like this there are other requirements which I am not aware of.Most of the docs available on the Internet are talking of ecc 6.0 with Oracle 10.2G which is the most common combination.I am having docs for this combination.
I am installing ecc for the first time.
*I am unable to download docs from sap. marketplace as it requires a login given to certified users or sap purchasers.I am neither.*
Can anyone help me with this.If anyone has ECC 6.0 installation guide with sql server it will be serve my purpose.
Thanks for your efforts."Excuse me?
What he is doing is illegal , you know what that means, right? If you don't believe me, read the license that comes on the first installation DVD.
Actually, I even think it's kind of barefaced to ask in the forum of the software vendor for help! I mean, it's like asking in a bank forum how to rob and fraud the bank! You - and many others - may think that it's right and ok to do that. I tell you: it is not. Not for "home use", not for personal use, not at all.
You can use the software available here in the SDN to lean and study, that's why it's there.
If you deal at all with copied software, then just be smart enough to make other people not notice. He can be happy if he's not prosecuted (which would legally be possible)."
Do u understand what is legal or illegal? Have u read the license in full?
The license does not put any limit on the number of users.So if I am using it means that one more user has been added by the license holder.
Therefore there is nothing illegal about it.
It would have unethical (not illegal) if the software is being used for a business purpose other than for which it has been purchased.
Since it being used for training purpose the above does not hold good.
In fact it is SAP who is benefited in the long run bec' after a person learns it technology because he is going to implement it somewhere, for which the concerned user will have to purchase a license.Therefore I am helping SAP to increase its business.
But there are some stupid people who don't understand these things but are ready to shout at the top of their voice thinking themselves to be intelligent.
Edited by: coolmind26 on Jun 5, 2011 10:57 AM -
Is SAP-OSS RFC Configuration required for Technical Monitoring ?
Hi Experts,
I have not configured the SAP-OSS rfc connection.Is it required for setting up the technical monitoring(Tcode : SOLMAN_SETUP).
If Yes can you please help me in solving the above problem.Our aim is to configure technical monitoring for system and self-monitoring.
Thanks In Advance,
Satheesh EHello,
I am assuming you are speaking about 100 concurrent users and not the entire company userbase.
Core i5 (although is dual core underneath) is generally meant for desktops, having said this, please note that its difficult to arrive at any recommendation based on simply userbase. You need to have more data with you with respect to amount of transactions, concurrent users, peak period, load during peak period etc.
You need to use SAP's quicksizer to calculate the amount of SAPS for your production servers, SAPS is the unit used to calibrate your hardware for running SAP Applications.
If you provide your SAPS value to hardware vendor, they will advise what CPU rating and how many CPUs you need. They will infact tell you the entire configuration that you need.
you can also buy the following book:
http://www.sap-press.com/products/Sizing-SAP-Systems.html
Regards,
Siddhesh -
Status Profile: Configuration required for authorisation based on user
hi friends
from the sale order , i configured the status profile for authorisation for release the item level .
so what i do for cofiguration to give authorisation particular user(manager) and also not required for user(end user)
with regards
dinesh
Edited by: code acess on Feb 28, 2011 6:22 AMhi ram
thanks, how i give authorisation for particular user.. i need configuration setting for authorisation. i dont know what i tell to Basis for authorisation.
Consultant
with regards
dinesh -
Configuration require for SOLMAN after installation
Dear all,
I have successfully install Solution Manager 7.0 EHP1 on Windows Server 2008 Oracle 10g database.
Now I cant understand what are the configuration require and from where shall i start?
Please help me as I am a beginner.
Thanks
NurujjamanHi,
Follow the steps from the configuration guide for basic configuration activities:
https://service.sap.com/~sapidb/011000358700000308502009E/SM_CONF_SPS23.pdf
Also check http://service.sap.com/~sapidb/011000358700001735062008E to get a visual help.
For advanced configuration, follow the RKT at http://service.sap.com/rkt-solman
Regards,
Srikishan -
Configurations Required for Excel download in IR
Hi,
Please let me know the configurations req for enabling Excel download feature from Interactive report.
Currently i see only CSV and PDF options in report attributes page.
Regards,
CKLPHi,
You need advanced printing engine e.g. BI publisher
You can start check these links
http://www.oracle.com/technology/products/database/application_express/html/configure_printing.html
http://carlback.blogspot.com/2007/03/apex-cocoon-pdf-and-more.html
http://ubuntuforums.org/showthread.php?t=1004742
Search more information e.g. Apache POI and FOP from this forum
Br,Jari -
STEP BY STEP Configuration require for setup SLD Connections
hi I have installed the sneak preview 7.0 netweaver.
I would like to set up the SLD connection for R/3 system.
kindly provide the step by step configurations requied to set upd the SLd connection to R/3 server
Regards
VijayHi,
Refer to this document - [SLD Configuration guide for SAP NW7.0|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/50924080-0627-2a10-2b89-8cb87b972fb1]
For more info on SLD refer to this link - [SLD|System Landscape Directory (SLD)]
Regards
Srikanth KV -
Configurations required for sender/ reciever mail adapter scenario...
Hi,
I have to work on few mail scenario's i.e, sender and reciever.
Please let me know what all configurations are required in XI server to make the system ready to send and recieve mail like SMTP configurations...
Thanks..Hi,
how to use mail adapter
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/9e6c7911-0d01-0010-1aa3-8e1bb1551f05
XI: Dynamic name in the mail attachment - pseudo "variable substitution"
The specified item was not found.
XI: Sender mail adapter - PayloadSwapBean - Step by step
The specified item was not found.
XI: HTML e-mails from the receiver mail adapter ?
The specified item was not found.
Mail Adapter (XI) - how to implement dynamic mail address
The specified item was not found.
S/MIME Security for the MAIL-Adapter within XI
S/MIME Security for the MAIL-Adapter within XI
Configuring sender mail adapter
http://help.sap.com/saphelp_nw04/helpdata/en/23/c093409c663228e10000000a1550b0/frameset.htm
Thanks,
Madhu
Edited by: Madhu sudhan Reddy on Jul 18, 2008 7:54 AM -
Step by Step workflow configuration required for PM Notification
Hi All,
as per our requirement we need to trigger workflow when PM Notification Status will be change (Event will trigger for approval when sombody manually change the workflow status)
Kindly guide me step by step for configuration of thatnot answered closing thread
-
Configurations required for PME and SCE in SAP-CRM 2007
Hi Friends
How to configure the PME and SCE in SAP-CRM 2007.
If u have any documentation avilable for those two topics regading the implementation of e-Commerce application.
Waiting for ur reponse..
Regards
Satish.Hi Mia,
Authorization group is available in the old versions and basically this help in defining new authorization groups and you can define what can be done with these authorization groups as what can be edited and what cannot be and this is done on SPRO. These authorization groups are entered in the authorization group and the user who has this authorization object will be able to work on the account.
So the business role in CRM 2007 has a PFCG role and the authorization profile that you created are assigned to the business role and users are assigned to the business role.
There are also few authorization objects to maintian the BP relationship and see if you can use these combination to check if it meets your requirement.
Hope it clarifies and if useful please reward points
Thanks
Srini -
Configuration Requirement for Integrated Planning in BI 7.0 with JAVA Addin
Hi,
We have BI 7.0 with Java Add-in installation newly migrated to Unicode.
BW consultants (I am BASIS Consultant) want to use "Integrated Planning". I already checked IMG link of it & JCO destinations mentioned there are not in J2EE engine. Even I am not able to create b'cos current setup is not on SLD.
I would really appreciate your help on below queries :
1) Can I configure Integrated Planning without using SLD ?
2) Do I need to install BI JAVA to running Integrated Planning ?
3) Do I need to install EP & EP Core ?
I already checked most of SDN thread but sorry couldn't able to get answer to above questions. I have checked SAP Notes : 901022, 919850, 917950.
Your early reply would be highly appreciated.
Thanks & Regards,
Narsing.Hi Balaji,
Thanks for information. One thing to update with JAVA/JAVA addin portal core components gets installed. So I didn't installed EP.
Now Integrated Planner is working fine.
Thanks for your help.
Best Regards,
Narsing. -
Configurations required for sender/reciever mail adapters
Hi,
I am working on a scenario, which involves mail adapter configuration.
Mail Adapter scenarios SAP Exchange Infrastructure:
/people/prasad.ulagappan2/blog/2005/06/07/mail-adapter-scenarios-150-sap-exchange-infrastructure
XI: HTML e-mails from the receiver mail adapter ?
/people/michal.krawczyk2/blog/2005/11/23/xi-html-e-mails-from-the-receiver-mail-adapter
Sending XI-Content as Mail Attachement with specific Filename
Sending XI-Content as Mail Attachement with specific Filename
Triggering e-Mails to Shared folders of SAP IS-U
/people/sravya.talanki2/blog/2005/08/18/triggering-e-mails-to-shared-folders-of-sap-is-u
I have gone through many threads but i am unable to understand what all configurations need to be done on XI and mail server like SMTP setup and stuff.
Please give me any specific links and share with me any real time problems faced while carrying out such a scenario.
Thanks,
PuneetHi check this,
Spam protection-mail
/people/alessandro.guarneri/blog/2007/03/18/basic-spam-protection-for-xi-mail-adapter
e-mails from the receiver mail adapter /people/natty.gur/blog/2007/03/18/if-it146s-all-about-semantic-make-it-formal
sender mail adapter
/people/natty.gur/blog/2007/03/18/if-it146s-all-about-semantic-make-it-formal
File to Mail
/people/varun.vijh/blog/2007/03/20/report-with-a-graph-an-approach
Dynamic mail address
/people/oliver.mayer/blog/2007/04/06/web-dynpro-java-and-adaptive-rfc-in-action
mail adaptor scenarios
/people/manfred.lutz/blog/2007/03/20/abap-trial-version-for-newbies-part-1-download-and-installation-of-the-trial-version
email reporting
/people/mark.yolton/blog/2007/04/05/teched07-were-making-a-list-and-checking-it-twice
mail attachment
/people/community.user/blog/2007/03/19/todo-ideas
/people/puru.govind/blog/2007/03/19/adding-class-inheritance-programaticallyor-dynamically
Triggering Email from folder /people/santosh.v/blog/2007/03/19/organizational-management
Thanks,
Kalenthirababu.P
Maybe you are looking for
-
Error in executing a program in background?
Hi all, I have one report , which is alv grid display using Oops. it is going to be executed in online but when we are try to execute this in background through path Program->Execute in background. the job is going to be canceled with error "Control
-
IWeb 1.2 or 2.0 -- any news or confirmed rumors?
Hello, I was wondering if anyone has heard anything about the next iWeb release? 1.2 or 2.0. WHEN, what, etc. 1.1 was a really good step in the right direction, but has left me wanting More, More! In particular, some more Templates. Cheers Powerbook
-
I have had an iriver H10 for a while and just got a macbook. I read that i can use the i river as a potrable storage devicebut i cant find where to open it once it's plugged in the mac. all its information shows up in the system profiler but how can
-
C# Templates for Visual studio
Im told I should be able to load the C# templates in Visual studio, but I dont see them listed and trying to find them "online" doesn't get me what im looking for. Just starting to program in C# so all I really want to do is start creating some test
-
Error in TextField Validation Widget reset() method
There appears to be an error in the Textfield Validation Widget's reset() method. When I set the widget to "real" or "custom" validation, the reset() method is throwing an error when it reaches the line "this.oldValue = this.input.defaultValue;" I se