Software Version ASA 5512-x
We ahve just ordered a new ASA 5512-X, can anyone tell me what version of software will likly be installed?
Hi,
The lowest software level for the new ASA5512-X to ASA5555-X models is 8.6(1) software level
Here is a link to a document about the compatibility
http://www.cisco.com/en/US/docs/security/asa/compatibility/asamatrx.html#wp42231
I am not sure if they have yet bumped up the software level the ASA is shipped with.
I think the models that come with the SSD drive might come with newer 9.x software level.
- Jouni
Similar Messages
-
P2P blocking on ASA 5525 with Software Version 8.6(1)2
Hello,
We have Cisco ASA 5525 with Software Version 8.6(1)2. We have permitted all the traffic from inside to outside.
Now we want to block P2P sharing Bit torrent to internet sites. Please help me with the configuration.
We have DMZ setup & also inline IPS module.
Thanks in advance.
Regards,
Sandeshc Chavan.Hi Chavan ,
You can try to block this by port.
The well known TCP port for BitTorrent traffic is 6881-6889 (and 6969 for the tracker port).
The config is
Access-list BLOCK-P2P-TRAFFIC deny tcp any any range 6881 6889 log
And applies to the desire interface with the "Access-group command"
For example:
Access-group BLOCK-P2P-TRAFFIC outbound interface DMZ
However Blocking Bittorrent is challenging, and can't really be done effectively with port blocks. The standard ports are 6881-6889 TCP, but the protocol can be run on any port, and the peer-to-peer nature of the protocol means that discovering peers that use unblocked ports is simple.
Also you can execute from the cmd on windows the command netstat -a and check the port Bit torrent is using .
Hope this helps. -
ASA 5512-X version 9.1 multiple contextes supported?
Hi All,
could soumeone please let me know if on the ASA 5512-X virtual contexts are supported with version 9.1 ?
I found different information on the Cisco web, the ASA datasheet says it is supported but in the configuration guide I found exactly the opposite information.
Cisco ASA Series General Operations CLI Configuration Guide 9.1 and 8.6
http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/ha_contexts.html#wp1188797
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1329030
Cisco ASA 5500 and ASA 5500-X Series Next- Generation Firewalls for Small Offices and Branch Locations Data Sheet (Updated)
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701253.html
thanks in advance
Best Regards
FrankHi,
you find the information in the ASA Configuration Guide section "Licensing Requirements for Multiple Context Mode"
http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/ha_contexts.html#wp1188797
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1329030
Licensing Requirements for Multiple Context Mode
ASA 5512-X No support.
Best Regards
Frank -
ASA 5512-X an out of date ASDM-IDM?
The cisco ASA 5512-X we have recently purchased comes with an out of date ASDM-IDM. It comes with version 6.6(1) which is not compatible with the asa version 9.1 is this normal?
I haven't opened a new one in the past couple of months but ASDM 6.6(1) is compatible with ASA software 8.6(1). That was the version most units were shipping with for a while as it was the initial release that introduced support for the 5500- X series.
If the box shipped new with 9.1 ASA software then the ASDM should be at least 7.1(1) - and the recommended version is 7.2(1). Reference.
It's easy enough to upgrade ASDM - just copy the file over and change the "asdm image" command to point to it.
(By the way, you'd get better visibility of a question like this in the Security - Firewalling forum.) -
I installed a new ASA 5512-X over the weekend for a client. Their backup ISP connection is DHCP based. I need to use the 'dhcp client route track' command on the interface, but it is not available. However according the all the documentation I am looking at and even the ASDM says it should be available.
This is the version of ASA and ASDM they are running:
Cisco Adaptive Security Appliance Software Version 8.6(1)1
Device Manager Version 6.6(1)
I did upgrade to the latest ASA software, so has this command been removed? If I do a '?' in the interface, there isn't a 'dchp' option.
Any help would be appreciated. I really don't want to tell them they need to get a static IP address to resolve this issue.
TIA,
DanLooks like you are hitting bugID: CSCtq78280
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtq78280
Pls open a TAC case to get the fixed on version 8.6.1(x). -
ASA 5512 - monitor power supply status via snmp oid
Device – ASA 5512 running 9.1(1).
Show version:
ASA-1# sh ver
Cisco Adaptive Security Appliance Software Version 9.1(1)
Device Manager Version 6.6(1)
Compiled on Wed 28-Nov-12 11:15 PST by builders
System image file is "disk0:/asa911-smp-k8.bin"
Config file at boot was "startup-config"
ASA-1 up 8 hours 38 mins
Hardware: ASA5512-K7, 4096 MB RAM, CPU Clarkdale 2792 MHz, 1 CPU (2 cores)
ASA: 2048 MB RAM, 1 CPU (1 core)
Internal ATA Compact Flash, 4096MB
BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB
Issue: looking for a snmp OID to poll power supply status (Inbuilt Power Supply - no redundant power supply in this scenario). Possibly what we see in show environment.
CSE analysis:
I tried using the OIDs belonging to CISCO-ENTITY-FRU-CONTROL-MIB , like cefcFRUPowerOperStatus and cefcFRUPowerAdminStatus but it didn’t return anything.
NOTE: I have done all the snmp walks from the Linux server. Do I doubt it’s something to do from the snmp manager side.
Couple of observations. The CISCO-ENTITY-FRU-CONTROL-MIB talks about the field replaceable power supplies, so I doubt if it’s going to return the value for inbuilt power supply.
Second, I noticed that there are snmp traps supported for power supply and threshold setting. See configuration below. Is it that only traps works for power supply and environment related details?
Snmpwalk on cefcFRUPowerStatusEntry returns nothing:
[root@tonbenso-eagle bin]# ./snmpwalk -v2c -c public 172.16.169.29 1.3.6.1.4.1.9.9.117.1.1.2.1
SNMPv2-SMI::enterprises.9.9.117.1.1.2.1 = No Such Object available on this agent at this OID
Snmpwalk on cefcFRUPowerOperStatus returns nothing:
[root@tonbenso-eagle bin]# ./snmpwalk -v2c -c public 172.16.169.29 1.3.6.1.4.1.9.9.117.1.1.2.1.2
SNMPv2-SMI::enterprises.9.9.117.1.1.2.1.2 = No Such Instance currently exists at this OID
Snmpwalk on cefcFRUPowerAdminStatus returns nothing:
[root@tonbenso-eagle bin]# ./snmpwalk -v2c -c public 172.16.169.29 1.3.6.1.4.1.9.9.117.1.1.2.1.1
SNMPv2-SMI::enterprises.9.9.117.1.1.2.1.1 = No Such Instance currently exists at this OID
[root@tonbenso-eagle bin]#
login as: root
I tried polling the ciscoEntityFRUControlMIB to see what all values it return. It just returned enterprises.9.9.117.1.3.1.0 = INTEGER: 2. Meaning cefcMIBEnableStatusNotification is FALSE (value 2). Meaning cefcModuleStatusChange, cefcPowerStatusChange, cefcFRUInserted, cefcFRURemoved, cefcUnrecognizedFRU and cefcFanTrayStatusChange are prevented from being sent.
Snmpwalk on ciscoEntityFRUControlMIB
[1]+ Stopped ./snmpwalk -v2c -c public 172.16.169.29
[root@tonbenso-eagle bin]# ./snmpwalk -v2c -c public 172.16.169.29 1.3.6.1.4.1.9.9.117
SNMPv2-SMI::enterprises.9.9.117.1.3.1.0 = INTEGER: 2
Object
cefcMIBEnableStatusNotification
OID
1.3.6.1.4.1.9.9.117.1.3.1
Type
TruthValue
Permission
read-write
Status
current
MIB
CISCO-ENTITY-FRU-CONTROL-MIB ; - View Supporting Images
Description
"This variable indicates whether the system
produces the following notifications:
cefcModuleStatusChange, cefcPowerStatusChange,
cefcFRUInserted, cefcFRURemoved,
cefcUnrecognizedFRU and cefcFanTrayStatusChange.
A false value will prevent these notifications
from being generated."
Found couple of bugs:
CSCty32558 – but then this is for 5585 and I see it is fixed in 8.4
CSCul90037 – New state
Show snmp-server oidlist:
http://www-tac.cisco.com/Teams/ks/c3/getLargeFile.php?srId=632222409&fileName=20141030-013905_ASA-show-snmp-server-oidlist.txt
Show tech:
Sh run | in snmp:
ASA-1# sh run | in snmp
snmp-server host asa 172.18.123.228 community *****
no snmp-server location
no snmp-server contact
snmp-server community *****
snmp-server enable traps entity power-supply-presence power-supply-temperature -----à I was talking about this trap above
any help will be appreciated.Hi
I've got an ASA with redundant power supplies. An ASA5585. So I have the need to monitor them. :-) So how can we do it?
Also I've made a SNMP-Walk through the ASA v8.4(2)8 and it doesn't show up any ENV-MIB values. The
1.3.6.1.4.1.9.9.13 tree is not available. Are you shure it's available on the ASA?
Funny is also that the command "show snmp-server oidlist" from the 8.4 configuration guide is not available on the real CLI. I think the documentation guys were faster than the coders. ;-)
Kind regards
Roberto -
Asa-5512-x no connectivity to internet
I am going from a pix-515e to asa-5512-x. I used the wizard for the initial setup. I then set the interfaces the same, objects, nat rules, routes, ACLs the same as in the 515e (except for the outside interface ACL where you use the inside address now, rather than the outside...and you have a global deny rule for all interfaces) .
I take the cables from the inside / outside interface from the 515e, plug them into the 5512x and nada...
Computers on the inside can't get out. I see egress failures on the ASDM monitor from the inside to outside. I don't see any traffic coming in on the outside interface to the inside as I do on the ASDM of the 515e.
ASA Version 9.1(5)
hostname ASA-5512-X
domain-name mydomain.com
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 98.xxx.xxx.xxx 255.255.255.224
interface GigabitEthernet0/2
nameif inside
security-level 100
ip address 10.0.1.242 255.255.252.0
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
boot system disk0:/asa915-smp-k8.bin
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns domain-lookup inside
dns server-group DefaultDNS
name-server 10.0.3.42
domain-name mydomain.com
same-security-traffic permit intra-interface
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any object webserver-inside object-group web-ports
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-716.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static webserver-inside webserver-outside unidirectional
nat (inside,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 98.xxx.xxx.xxx 2
route inside 172.20.0.0 255.255.0.0 10.0.0.1 1
route inside 172.21.0.0 255.255.0.0 10.0.0.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http 10.0.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet 10.0.0.0 255.255.0.0 inside
telnet 192.168.1.0 255.255.255.0 management
telnet timeout 5
console timeout 0
management-access inside
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home reporting anonymousAt a quick glance the config looks pretty clean (please do use ssh and not telnet though)
Since you replaced one box with another, have you checked that your upstream (Outside) device is reachable from the ASA itself? (i.e can you ping your default gateway at 98.xxx.xxx.xxx 2 )
I've sometimes seen cases where we had to ask the ISP to clear their ARP cache when changing out firewalls. -
ASA 5512-X no int vlan command!?
I don't have much experience yet with ASAs but I thought the int vlan command should be available? It's an ASA 5512-X with IOS 8.6(1)2, should I upgrade to the newest 9 version? Also, there are rj45 interfaces and SFP interfaces which are numbered Gi0/0 -5 and Gi1/0 - 5, how do I tell what numbers correspond to what interfaces? Thanks
"int vlan" is specific to the 5505 which has an integrated switch. The 5510 and higher use a subinterface and vlan command within the subinterface config mode. See the configuration guide section here:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1082576
Rear panel ports are numbersed as described in the hardware installation guide here:
http://www.cisco.com/en/US/docs/security/asa/hw/maintenance/5500xguide/asa_overview.html#wp1069960
I don't have one in front of me but seem to recall they also have printed designations on the physical unit if you look closely. -
Configure the syslog of ASA 5512-X for display on Cisco Prime Infrastructure 2.1
Hi, I'm working on implementing the Cisco Prime Infrastructure 2.1 and want to display the syslog about ASA5512-X with Software Version 9.2.
What would be the procedure for configuring?
Thanks in advance.Hi,
Enable "logging host x.x.x.x " command to enable logging
check the below link:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/monitor_syslog.html#68764
FYI: Prime Infrastructure support only SEV 0,1,2 syslogs as of now.
Operate > alarm and events > syslogs
Thanks-
Afroz
****Ratings Encourages Contributors ***** -
2 Cisco 2504 controllers but different software versions
Hello,
I am configuring two 2504 controllers, which I ordered together, however they run different software versions and I don't have a contract/ login to download wlan controller software from the Cisco website.
The one with the newest version runs 7.2.103.0 while the other one runs 7.0.220.0
I want to run them together in the same subnet and use them for redundancy (10 AP's will connect)
Is there a way I can download the software from the controller, just like I am able to do with an ASA firewall? Then I can upload it to the controller with the older software version.
Thank you and regards,
Ralph Willemsen
Arnhem, NetherlandsHello Ralph,
No, you can not download the code from the WLC. You can contact your reseller and request the firmware.
If you have a contact with Cisco sales team you can tell them and they can open a TAC case for your behalf to publish you the code.
If your device is under warranty you can send your serial number to [email protected] along with your CCO ID. They will publish you the image if the device is under warranty. (or if it is under valid contract but you don't have the contract number).
HTH
Amjad -
Configuring "Guest Wi-Fi" VLAN on ASA 5512
I'm attempting to setup a new vlan on my Cisco ASA 5512 running version 8.6(1)2. This vlan will provide access for wireless "guest" AP's in my network. I have the guest vlan setup through to my switches, I'm able to dedicate a switch port to VLAN 40 and aquire an IP address in the 10.40.10.0/24 network. Below is excerpt of what I think is the relevent config information. I'm trying to route guest traffic out my "outside" interface.
Obvious to me I'm missing another command in here. Any help would be greatling appreciated. If more the running-config is needed please advise. Thanks in advance!
interface GigabitEthernet0/1.40
description Guest Wireless Network
vlan 40
nameif guestwireless
security-level 50
ip address 10.40.10.5 255.255.255.0
route outside 0.0.0.0 0.0.0.0 X.X.X.X 1 (public IP at X.X.X.X)
access-list guestwireless_access_in extended permit ip 10.40.10.0 255.255.255.0 interface outside
mtu guestwireless 1500
access-group guestwireless_access_in in interface guestwireless
dhcpd address 10.40.10.50-10.40.10.250 guestwireless
dhcpd dns 8.8.8.8 interface guestwireless
dhcpd enable guestwirelessStripped out some config pertaining to crypto and credentials
--------------Config Below-----------------------------------
: Saved
ASA Version 8.6(1)2
hostname ASA
domain-name company.local
names
interface GigabitEthernet0/0
description ISP Interface
nameif outside
security-level 100
ip address ##.##.###.### 255.255.255.248
interface GigabitEthernet0/1
no nameif
no security-level
no ip address
interface GigabitEthernet0/1.40
description Guest Wireless Network
vlan 40
nameif guestwireless
security-level 50
ip address 10.40.10.5 255.255.255.0
interface GigabitEthernet0/2
nameif inside-tempnet
security-level 0
ip address 172.29.0.252 255.255.255.0
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
nameif management
security-level 100
no ip address
management-only
boot system disk0:/asa861-2-smp-k8.bin
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns server-group DefaultDNS
domain-name company.local
same-security-traffic permit inter-interface
object network NETWORK_OBJ_10.100.10.0_24
subnet 10.100.10.0 255.255.255.0
access-list outside_access_in extended permit ip object NETWORK_OBJ_10.100.10.0_24 any
access-list inside-tempnet_access_in extended permit ip 172.29.0.0 255.255.255.0 object NETWORK_OBJ_10.100.10.0_24
access-list Split_Tunnel_List standard permit 172.29.0.0 255.255.255.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu guestwireless 1500
mtu inside-tempnet 1500
mtu management 1500
ip local pool ClientVPN-DHCP-Pool 10.100.10.50-10.100.10.250 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
asdm history enable
arp timeout 14400
nat (inside-tempnet,outside) source static any any destination static NETWORK_OBJ_10.100.10.0_24 NETWORK_OBJ_10.100.10.0_24 no-proxy-arp route-lookup
nat (guestwireless,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
access-group inside-tempnet_access_in in interface inside-tempnet
route outside 0.0.0.0 0.0.0.0 ##.##.###.### 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
http server enable
http 0.0.0.0 0.0.0.0 inside-tempnet
http 172.29.0.0 255.255.255.0 inside-tempnet
http redirect inside-tempnet 80
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
dhcpd address 10.40.10.50-10.40.10.250 guestwireless
dhcpd dns 8.8.8.8 interface guestwireless
dhcpd enable guestwireless
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption aes256-sha1 aes128-sha1 3des-sha1
ssl trust-point ASDM_TrustPoint0 outside
ssl trust-point ASDM_TrustPoint0 inside-tempnet
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
anyconnect profiles VPNConnect disk0:/vpnconnect.xml
anyconnect enable
tunnel-group-list enable
group-policy "GroupPolicy_VPN Connect" internal
group-policy "GroupPolicy_VPN Connect" attributes
wins-server none
dns-server value #.#.#.#
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_Tunnel_List
default-domain value company.local
webvpn
anyconnect profiles value VPNConnect type user
tunnel-group "VPN Connect" type remote-access
tunnel-group "VPN Connect" general-attributes
address-pool ClientVPN-DHCP-Pool
authentication-server-group compnay.LOCAL LOCAL
default-group-policy "GroupPolicy_VPN Connect"
tunnel-group "VPN Connect" webvpn-attributes
group-alias "VPN Connect" enable
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
: end -
How to Configure Cisco ASA 5512 for multiple public IP interfaces
Hi
I have a new ASA 5512 that I would like to configure for multiple public IP support. My problem may be basic but I am an occasional router admin and don't touch this stuff enough to retain everything I have learned.
Here is my concept. We have a very basic network setup using three different ISPs that are currently running with cheap routers for internet access. We use these networks to open up access for Sales to demo different products that use a lot of bandwidth (why we have three)
I wanted to use the 5512 to consolidate the ISPs so we are using one router to manage the connections. I have installed an add on license that allows multiple outside interfaces along with a number of other features.
Outside Networks (I've changed the IPs for security purposes)
Outside1 E 0/0 : 74.55.55.210 255.255.255.240 gateway 74.55.55.222
Outside2 E 0/2: 50.241.134.220 255.255.248 gateway 50.241.134.222
Inside1 : E 0/1 192.168.255.1 255.255.248.0
Inside2 : E 0/3 172.16.255.1 255.255.248.0
My goal is to have Inside 1 route all internet traffic using Outside1 and Inside 2 to use Outside2. The problem is I can't seem to do this. I can get inside 1 to use outside 1 but Inside2 uses Outside 1 as well.
I tried adding static routes on Outside2 to have all 172.16.248.0/21 traffic use gateway 50.241.134.222 but that doesn't seem to work.
I can post my config up as needed. I am not well versed in Cisco CLI, I've been using the ASDM 7.1 app. My ASA 5512 is at 9.1.
Thanks in advance for the suggestions/helpI have been away for a while and am just getting caught up on some posts. so my apology for a delayed response.
I find the response very puzzling. It begins by proclaiming that to achieve the objective we must use Policy Based Routing. But then in the suggested configuration there is no PBR. What it gives us is two OSPF processes using one process for each of the public address ranges and with some strange distribute list which uses a route map. I am not clear what exactly it is that this should accomplish and do not see how it contributes to having one group of users use one specific ISP and the other group of users use the other ISP>
To the original poster
It seems to me that you have chosen the wrong device to implement the edge function of your network. The ASA is a good firewall and it does some routing things. But fundamentally it is not a router. And to achieve what you want were a group of users will use a specified ISP and the other group of users will use the other ISP you really need a router. You want to control outbound traffic based on the source of the traffic, and that is a classic situation where PBR is the ideal solution. But the ASA does not do PBR.
HTH
Rick -
I have the iPhone 5 and have with 6.0.1 software version. Although I had them when I moved from iPhone 4 to the 5 (could play them), the latest update has most of my songs on the phone listed in grey (over 95% of them) and I can't play them. They are still listed in the iTunes library. When I look in the Summary for the iPhone, it shows Audio as only .16 GB - I have over 5 GB of songs, so what gives?
P.S. When I look at my Playlists most of the songs are greyed out. However, at the bottom of the list there is a cloud icon with a downward facing arrow. When I click on it each song starts to "load" and after a few minutes I have the songs back on in the list. I have to do this to all my playlists (I had over 100) in order to get access to all my songs. Then I did a sync and it happened again!
I use iCloud for documents and some other things (calendar, contact, etc.) but am not aware that I have anything music-wise in the cloud. Any thougnts?You may have to try deleting all the music from your phone (by going to Settings>General>Usage>Music, swipping All Music and tapping Delete), then sync it all back on with iTunes in order to fix this.
-
Error trying to update iPhone to software version 1.0.2
I have just recently purchased an iPhone. I have no problem syncing it with iTunes. The only problem I have is every time I try to update the software version of my iPhone, it downloads the entire thing then an error message pops up as shown:
*"There was a problem downloading the iPhone software for the iPhone "name". An unknown error occured (-48).*
*Make sure your network settings are correct and your network connection is active, or try again later."*
I have received this error several times and no matter what I do, I can't get it to work. The phone is not hacked, I just purchased it 2 days ago. Its BRAND NEW. I even tried erasing all setting and info, and a restore. Still, nothing.
What am I doing wrong here? Is there something I need to do in the network settings of my iPhone? Or my cpu? I don't understand the error as I am connected to the internet.
Please, someone help me!
Thank you.Thank you for your help. I did try to do a full restore, but had to pause the download. When I came back and resumed it, the download just kept going past the 92MB file. It went all the way up to 200MB of 92MB...I have no idea what is going on with that. So I just stopped it and deleted it.
But it takes almost an hour to download it from my connection and I didn't want to try it again. Maybe I will have to.
Any other suggestions? -
I have an Iphone 4 from a friend. It was never updated with him and now I am trying update to latest software version. It is currently in 4.3.2 and it updates till the last few seconds and then a message, with no error number, states that the internet connection had time out during update. I am using my PC and have tried unsuccessfully for a week. I have tried to restore setting on phone first before plugging in to PC and updating software through Itunes? I took it to my mobile phone outlet and they couldn't help? Is there another way?
Read through this:
http://support.apple.com/kb/ht1808
Maybe you are looking for
-
Unable to Capture PAL DV footage
I'm working on a project that requires I edit with both PAL and NTSC footage shot on mini-DV. I was about to purchase a plug-in to convert the PAL footage to NTSC, but find that I can't even capture the PAL footage to begin with. I tried using both a
-
Anonymous PL/SQL vs procedure inside package
It's probably quite simple problem but I'm not able to figure it out. If I make an anonymous PL/SQL block declare l_counter number(4); begin SELECT * into l_counter FROM (SELECT count(*) FROM SYS.all_objects WHERE owner IN ('USER1', 'USER2') AND obje
-
Java - referencing external jar and class files
When compiling (loadjava) a Java class, how can an externally referenced '.jar file' be resolved please? Using '-resolve' doesn't do the job in this case. Many thanks.
-
.ear files are not deployed correctly under multi instances environment
We have 1 CI and 3DI. In one server there are 1 CI and 1DI. and in the other 2 servers there is 1 DI each. I developed a program with Webdynpro Java and deployed correctly. But after that I could run the application in only the specific server. For e
-
Overflow text on to second text field.
My form contains a long descriptive text followed by a short line, the for text field. The next form text field is a long blank line onto which I want the overflow text from the above field to be placed. How can I do this whith Acrobat 8 Mac OSX 10.4