We also just upgraded our ASA. That explains some problems I am having with our guest wireless and web services. . We also had a problem with Trace Route not resolving DNS names. I tracked that down to having to add a rule to allow icmp/time-exceeded packets through the firewall.
From: [email protected] [mailto:[email protected]] On Behalf Of Aaron Zuercher Sent: Wednesday, July 21, 2010 1:15 PM To: tech-geeks Subject: [tech-geeks] asa 8.3.1 update and NAT Just updated my ASA to latest version last night. Had to wait til summer to bring it down and add more RAM. So after the update I get reports that external access to web site/servers is not working. I check into it and seems like there is a Global access list that wasn't there before. set to deny all. so I added a rule to this list to permit all. and now traffic is flowing but I am worried about opening up too much. does anyone how the order access lists are applied? and if its okay to leave the global list open? thought I'd check here before I start digging through cisco docs. Thanks, Aaron ________________________________ This electronic mail is copyrighted by Community Unit School District #205, Galesburg, Illinois USA. Unauthorized dissemination or duplication of it is prohibited. Violators of copyright/confidentiality laws may be prosecuted.
_______________________________________________ Tech-geeks mailing list [email protected] http://lists.illinicloud.org/cgi-bin/mailman/listinfo/tech-geeks
