Networking

Ask Computer Networking Questions and Get Answers ASAP

Ask a Computer Expert,
Get an Answer ASAP!

Networking

I have a Cisco ASA5510 with 9.1 and ASDM7. I need help

Customer Question
for one issue: After upgrade...
I have a Cisco ASA5510 with 9.1 and ASDM7. I need help for one issue: After upgrade the cisco would not boot with current running config, even after coping it to startup config. and wr. So i need to resolve this issue first. After that i would need help
below. 1. ISP router will go to ASA5501 on Port0. 2. Port2 of ASA goes to Home Network (Vlan1) 3. Home network uses DHCP from ASA. 4. Port 3 onwards goes to Office network. (Vlan2) 5. Office network; DHCP uses Ms Active Directory server and not ASA. 6. Trust
relationship; Home Network should talk to Office. But no one can come from Office to Home network. So if a user is inside Home he can access Office network but if a user is inside office they cannot access home network. 7. Acess Rules; configure a rule on
Firewall that certain Mac address and Public Ips can directly connect to Office Network, rest is all blocked. 8. Anyconnect; Configure two anyconnect. one for home and one for office. 8. Any other recommandations to make firewall security stronger.
Submitted: 2 years ago.Category: Networking
Show More
Show Less
Ask Your Own Networking Question
Customer reply replied 2 years ago
I am ok for extra money.thanks
Customer reply replied 2 years ago
OK i was able to fix the first issue of boot, But i still need help on configurations:1. ISP router will go to ASA5501 on Port0. 2. Port2 of ASA goes to Home Network (Vlan1) 3. Home network uses DHCP from ASA. 4. Port 3 onwards goes to Office network. (Vlan2) 5. Office network; DHCP uses Ms Active Directory server and not ASA. 6. Trust relationship; Home Network should talk to Office. But no one can come from Office to Home network. So if a user is inside Home he can access Office network but if a user is inside office they cannot access home network. 7. Acess Rules; configure a rule on Firewall that certain Mac address and Public Ips can directly connect to Office Network, rest is all blocked. 8. Anyconnect; Configure two anyconnect. one for home and one for office. 8. Any other recommandations to make firewall security stronger.
Answered in 2 days by:
10/16/2015
Network Technician: Michael Hannigan, Network Architect replied 2 years ago
Michael Hannigan
Michael Hannigan, Network Architect
Category: Networking
Satisfied Customers: 11,884
Experience: 25+ Years Experience in Field. MCSE, ICCP, CNE, Greenbelt. Certified Network Engineer/Architect
Verified

Hello, my name is Michael. I can help you with your question, but we need to focus on one question. Please let me know which question you want to work on and I'll be happy to help.

The first thing I would do, thought, to make this a little bit more simple, is to use static addresses where you can, at least during the setup.

Mike

Ask Your Own Networking Question
Customer reply replied 2 years ago
Mike, suggest when are you going to be online.
we can go one question at at time.
So we will start with:Trust relationship; Home Network should talk to Office. But no one can come from Office to Home network. So if a user is inside Home he can access Office network but if a user is inside office they cannot access home network.
But you would need to suggest me time so i can be online and try the commands on my cisco.thanks
PT
Network Technician: Michael Hannigan, Network Architect replied 2 years ago

That would be a typical scenario. Accessing outside the domain to a home system would be extremely uncommon. What are you trying to access from the domain?

Ask Your Own Networking Question
Customer reply replied 2 years ago
Here is the scenario:
This is my setup is at my home, I have setup a company. So here is what i want to do.
On port 2 of my ASA5510 router i have setup office network and on port 3 i have setup home network.
Only home network is on wifi. On office network i have my servers.
So when i am on my wifi i want to access office network. But on the other hand if any user is on my office network i do not want them to access my home network as that is my personal network.Currently i simply connect using anyconnect to access my office network. I just want to avoid connecting VPN, since i am a room away.Please suggest if this is too crazy then i can live with VPN.All my other issues are now resolve.thanks
PT
Network Technician: Drew, Network Specialist replied 2 years ago
Drew
Drew, Network Specialist
Category: Networking
Satisfied Customers: 137
Experience: Using 30+ years of experience to help you get it working.
Verified

Hi. My name is ***** ***** I can help you with part of your questions. I not familiar with the VPN part but can help with the port security.

It seems to me the simplest way to setup up the security you want is setting proper security levels on your interfaces. Are you familiar with how security levels work on the ASA? The jist of it is that traffic flows freely from higher security levels to lower but NOT vice versa. Security levels can be set from 0 to 100. So for example, you'd set your home network interface (port 3) to 100, your office interface (port 2) to 50, and your Internet connection (port 0) to 0. What this will do is allow your home access to both office and Internet, your office to Internet (because 50 is greater than 0) but NOT office to home (because 50 is less than 100), and nothing inbound from Internet (because 0 is less than both 50 and 100).

Make sense? Please let me know if you have any questions and how it goes.

Cheers,

Drew

Ask Your Own Networking Question
Network Technician: Drew, Network Specialist replied 2 years ago

I'm curious if you were able to try my suggestions and if it helped get things going? Please let me know.

Cheers,

Drew

Ask Your Own Networking Question
Customer reply replied 2 years ago
Thanks Drew but answer you provided would not help. You are right that traffic flow between 0 and 100.
But in this case that would not help as i would need to create Access list. currently i configured VPN between these ports and its working fine.
Network Technician: Drew, Network Specialist replied 2 years ago

Thanks for the update. Yes, the second you add a access list, security levels are null and void on that interface. But just to be clear, when using security levels, traffic flows unrestricted from higher to lower.

I'm glad VPN is working for you. I need to learn how to set that up for myself. ;)

Cheers,

Drew

Ask Your Own Networking Question
Ask Drew Your Own Question
Drew
Drew
Drew, Network Specialist
Category: Networking
Satisfied Customers: 137
137 Satisfied Customers
Experience: Using 30+ years of experience to help you get it working.

Drew is online now

A new question is answered every 9 seconds

How JustAnswer works:

  • Ask an ExpertExperts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional AnswerVia email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction GuaranteeRate the answer you receive.

JustAnswer in the News:

Ask-a-doc Web sites: If you've got a quick question, you can try to get an answer from sites that say they have various specialists on hand to give quick answers... Justanswer.com.
JustAnswer.com...has seen a spike since October in legal questions from readers about layoffs, unemployment and severance.
Web sites like justanswer.com/legal
...leave nothing to chance.
Traffic on JustAnswer rose 14 percent...and had nearly 400,000 page views in 30 days...inquiries related to stress, high blood pressure, drinking and heart pain jumped 33 percent.
Tory Johnson, GMA Workplace Contributor, discusses work-from-home jobs, such as JustAnswer in which verified Experts answer people’s questions.
I will tell you that...the things you have to go through to be an Expert are quite rigorous.

What Customers are Saying:

I am very happy with my very fast response. Eric is very knowledgeable in the subject area. Thank you!

RPAustin, TX

My Expert answered my question promptly and he resolved the issue totally. This is a great service. I am so glad I found it I will definitely use the service again if needed.

One Happy CustomerNew York

Wonderful service, prompt, efficient, and accurate. Couldn't have asked for more. I cannot thank you enough for your help.

Mary C.Freshfield, Liverpool, UK

This expert is wonderful. They truly know what they are talking about, and they actually care about you. They really helped put my nerves at ease. Thank you so much!!!!

AlexLos Angeles, CA

Thank you for all your help. It is nice to know that this service is here for people like myself, who need answers fast and are not sure who to consult.

GPHesperia, CA

I couldn't be more satisfied! This is the site I will always come to when I need a second opinion.

JustinKernersville, NC

Just let me say that this encounter has been entirely professional and most helpful. I liked that I could ask additional questions and get answered in a very short turn around.

EstherWoodstock, NY

< Previous | Next >

Meet the Experts:

Claws224

Claws224

IEEE Network Engineer

1,256 satisfied customers

IEEE, Microsoft

Kevin

Kevin

LAN/WAN Specialist

1,165 satisfied customers

Certified MCSA and MCP Network Administrator with over 20 years of PC experience.

Byron

Byron

PC Support Tech

625 satisfied customers

CCNA, A+, MCSE 11 years at a large law firm.

Eric K.

Eric K.

Network Administrator

510 satisfied customers

13 years of desktop, server and network support experience

Mr. Clark

Mr. Clark

Network Engineer

510 satisfied customers

Computer Business Owner / Former DoD Network Specialist

Chris L.

Chris L.

Support Specialist

446 satisfied customers

Certified Networking expert with over 10 years experience.

A. Stevens

A. Stevens

Network Administrator

428 satisfied customers

10+ years of Desktop, Laptop, and Server troubleshooting and support.

< Previous | Next >

Related Networking Questions
Windows 10 pro having ability to recognize home network but
windows 10 pro having ability to recognize home network but says it cannot connect to network. (previously have been able to) … read more
Richard
Richard
IT Manager
IT Manager, Consultant
3,208 satisfied customers
My computer will not stay connected to my home network it
My computer will not stay connected to my home network it keeps jumping off. I'm only having this issue with my laptop .my phone connects fine and everyone else In the house can connect but me … read more
Kris R
Kris R
IT Manager
Computing
2,285 satisfied customers
I have a home network based on a Netgear WND 4500 Router
I have a home network based on a Netgear WND 4500 Router that produces 50.4 mbs by wired connection at the router, 32.3 mbs by wifi at the router and 22.1mbs at my computer. I have installed a Ampedwi… read more
Byron
Byron
PC Support Tech
Bachelor's Degree
625 satisfied customers
I cannot get my iPhone and iPad to join my home network. It
I cannot get my iPhone and iPad to join my home network. It seems to be something wrong with the security. … read more
Viet - Computer Tech
Viet - Computer Tech
Computer Technican
Bachelor\u0027s Degree
952 satisfied customers
I am trying to find the password for my home network, don't
I am trying to find the password ***** my home network … read more
Lorenz Vauck
Lorenz Vauck
Computer Expert
Electrical Engineering
71 satisfied customers
On a computer network that has a DHCP server giving out the
On a computer network that has a DHCP server giving out the local IP's and DNS information how does the following work: - if the DHCP server is coded with external DNS information how do the local wor… read more
Joseph Varner
Joseph Varner
Bachelors of Science
51 satisfied customers
Wireless home network question about Hawking 300 N
wireless home network question about Hawking 300 N repeaters: We have a wireless router Actiontec 1200 as our source for wireless and cabled access to the internet. The router is and has to be at a di… read more
bbao
bbao
Freelance IT Consultant
74 satisfied customers
I would like to ask an IT home network expert on how to
Hello I would like to ask an IT home network expert on how to setup bandwidth management with VIGOR Draytek router.… read more
Richard
Richard
IT Manager
IT Manager, Consultant
3,208 satisfied customers
What is the best way to set up my home network or are there
What is the best way to set up my home network or are there any tricks i need to know about, other than wifi extenders, to speed up my network? I have An Apple Time Machine (4th Generation) an Arris s… read more
bbao
bbao
Freelance IT Consultant
74 satisfied customers
Been having a lot of issues with DHCP not specific to my
Hi. Been having a lot of issues with DHCP not specific to my router.... internet dropping out.... ...it's never been upgraded aside the drivers from windoes. windows...sorry...lol … read more
Cody
Cody
Computer Science
1,464 satisfied customers
I don't know my home network wifi password, I tried once and
I tried once and I must have messed it up, because the one that came in the beginning no longer works and I don't know what it is now … read more
Byron
Byron
PC Support Tech
Bachelor's Degree
625 satisfied customers
HOW DO CHANGE THE DHCP ON MY NETGEAR ROUTER, none, I am
the owners manual for the door bell sez that the door bell in not on line and to check the dhcp on the router … read more
Byron
Byron
PC Support Tech
Bachelor's Degree
625 satisfied customers
I have a question or 2 about home networking and remote
I have a question or 2 about home networking and remote connections. My spouse and I have separate desktops and laptops. She subscribes to a service that has set up a network for her and rather than j… read more
Pete
Pete
Engineer
Bachelor\u0027s Degree
1,109 satisfied customers
When I try to log in to my home network, the system shows
When I try to log in to my home network, the system shows first that it has authenticated and connected. Then after a few seconds it goes back to authenticating and this time it says authentication pr… read more
Jason Jones
Jason Jones
AAS Information Technology
6,316 satisfied customers
My aol 9.7 Home network is not working, I'm sorry I dont get
System connection ACS 4.10.1.9 ,TCP/IP connection , Error 0x84100101 … read more
Mike the Mac Medic
Mike the Mac Medic
Creative and Apple IT Consultant
Some college
5,750 satisfied customers
Epson WF-7620 printer is behind a router. DHCP gets a wrong
Epson WF-7620 printer is behind a router. DHCP gets a wrong IP. With manual IP my PC can find the printer and even change the ip adress of the printer. But the printer does not work properly and does … read more
bbao
bbao
Freelance IT Consultant
74 satisfied customers
DHCP issue for windows 2008 server I have a windows 2008
DHCP issue for windows 2008 serverI have a windows 2008 server. My workstations can not get out to the internet.My server was not seeing me PDS and BDS.What should I do? I have rebooted everything, se… read more
Cody
Cody
Computer Science
1,464 satisfied customers
Unable to connect to our whole home network. It was
Unable to connect to our whole home network. It was connected then suddenly overnight it was gone. I have read every thing and I cannot find the problem my pic is the only thing not working. When I se… read more
Martin
Martin
Network Engineering Diploma
141 satisfied customers
Disclaimer: Information in questions, answers, and other posts on this site ("Posts") comes from individual users, not JustAnswer; JustAnswer is not responsible for Posts. Posts are for general information, are not intended to substitute for informed professional advice (medical, legal, veterinary, financial, etc.), or to establish a professional-client relationship. The site and services are provided "as is" with no warranty or representations by JustAnswer regarding the qualifications of Experts. To see what credentials have been verified by a third-party service, please click on the "Verified" symbol in some Experts' profiles. JustAnswer is not intended or designed for EMERGENCY questions which should be directed immediately by telephone or in-person to qualified professionals.

Disclaimer: Information in questions, answers, and other posts on this site ("Posts") comes from individual users, not JustAnswer; JustAnswer is not responsible for Posts. Posts are for general information, are not intended to substitute for informed professional advice (medical, legal, veterinary, financial, etc.), or to establish a professional-client relationship. The site and services are provided "as is" with no warranty or representations by JustAnswer regarding the qualifications of Experts. To see what credentials have been verified by a third-party service, please click on the "Verified" symbol in some Experts' profiles. JustAnswer is not intended or designed for EMERGENCY questions which should be directed immediately by telephone or in-person to qualified professionals.

Show MoreShow Less

Ask Your Question

x