Solved

cisco 515e pix8.0 RDP to internal server from outside

Posted on 2011-03-24
16
428 Views
Last Modified: 2012-08-13
hi all,
i know this is not good practice it just for testing
i have a pix 515e pix8.0 image.
I have 3 card on that pix
1-external ip x.x.x.189 gw x.x.x.129
2-dmz - not in use
3- internal ip 192.168.2.4

I need to be able to access rdp from external ip to internal ip,
i have tried lot's of combination without success.

PIX Version 8.0(3)
!
hostname CleardPix
domain-name x.x
enable password xxxxxxx encrypted
names
name 192.168.2.29 PBX description ASTERISK
name 192.168.2.106 Mabe
name x.x.x.189 Outside_Interface
name x.x.x.190 OutSide_IP
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address Outside_Interface 255.255.255.192
 ospf cost 10
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.2.4 255.255.255.0
 ospf cost 10
!
interface Ethernet2
 shutdown
 nameif dmz
 security-level 4
 ip address 192.168.1.1 255.255.255.0
 ospf cost 10
!
passwd xxxxxxxxx encrypted
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 192.168.2.107
 name-server 192.168.2.80
 domain-name cleard.local
dns server-group xxxxxxxx
 name-server 208.85.113.10
 name-server 208.71.9.130
object-group service Asterisk udp
 port-object range sip 65535
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit tcp any eq 3389 host OutSide_IP eq 3389
access-list outside_access_in extended permit icmp any any time-exceeded
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any
pager lines 24
logging enable
logging asdm informational
logging from-address x@x.x
logging recipient-address x@x.x level errors
mtu outside 1500
mtu inside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit host x.x.x.0 outside
asdm image flash:/asdm-603.bin
asdm location PBX 255.255.255.255 inside
asdm location Mabe 255.255.255.255 inside
asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
global (inside) 101 interface
nat (dmz) 1 192.168.1.0 255.255.255.0
static (inside,outside) tcp OutSide_IP 3389 Mabe 3389 netmask 255.255.255.255  dns
static (outside,inside) tcp Mabe 3389 OutSide_IP 3389 netmask 255.255.255.255  dns
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 x.x.x.129 1
route outside OutSide_IP 255.255.255.255 x.x.x.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server Cleard protocol radius
aaa-server Cleard host 192.168.2.x
http server enable
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 fqdn x
 subject-name CN=x
 no client-types
 crl configure
crypto ca trustpoint ASDM_TrustPoint2
 enrollment self
 fqdn x.x.x
 email x
 subject-name CN=xxx.x.x,OU=IT,O=x,C=CA,St=x,L=x,EA=x
 no client-types
 crl configure
crypto ca certificate chain ASDM_TrustPoint2
 certificate 31
    xxxxxxxxxxxxxxxxxxxxx
  quit
crypto isakmp enable outside
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
no crypto isakmp nat-traversal
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics
ntp server 192.168.2.107 source inside prefer
ssl encryption rc4-sha1 3des-sha1 des-sha1
tunnel-group DefaultRAGroup general-attributes
 authentication-server-group Cleard
tunnel-group DefaultRAGroup ipsec-attributes
 trust-point ASDM_TrustPoint2
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1280
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect dns preset_dns_map
!
service-policy global_policy global
smtp-server 192.168.2.83
prompt hostname context
Cryptochecksum:xxxxxxxxxxxxxxxxxxxxxxxxxx
Thanks for any help

cleard
0
Comment
Question by:cleard
  • 8
  • 8
16 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35206192
Try:
access-list outside_access_in extended permit tcp any host OutSide_IP eq 3389
(because the source port doesn't have to be 3389 :)

And get rid of:
static (outside,inside) tcp Mabe 3389 OutSide_IP 3389 netmask 255.255.255.255  dns
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35206200
Oh, and off course remove:
access-list outside_access_in extended permit tcp any eq 3389 host OutSide_IP eq 3389
0
 

Author Comment

by:cleard
ID: 35206260
ok i will this :)
0
 

Author Comment

by:cleard
ID: 35206375
still not working, i get this error in my pix log:

2 Mar 24 2011 08:43:37 106001 x.x.12.110 OutSide_IP Inbound TCP connection denied from x.x.12.110/56932 to OutSide_IP/3389 flags SYN on interface outside
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35206402
Did you try a clear xlate?

If that doesn't work, could you post your config again as it is now?
0
 

Author Comment

by:cleard
ID: 35206547
no i forgot to do clear xlate, just did it, still not working.
here is my config:

PIX Version 8.0(3)
!
hostname CleardPix
domain-name x.x
enable password xxxxxxxxxxx encrypted
names
name 192.168.2.29 PBX description ASTERISK
name 192.168.2.106 Mabe
name x.x.x.189 Outside_Interface
name x.x.x.190 OutSide_IP
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address Outside_Interface 255.255.255.192
 ospf cost 10
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.2.4 255.255.255.0
 ospf cost 10
!
interface Ethernet2
 shutdown
 nameif dmz
 security-level 4
 ip address 192.168.1.1 255.255.255.0
 ospf cost 10
!
passwd xxxxxxxxxxxx encrypted
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
 name-server Mabe
 name-server 192.168.2.80
 domain-name x.x
dns server-group xxxxxxx
 name-server 208.85.113.10
 name-server 208.71.9.130
object-group service Asterisk udp
 port-object range sip 65535
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit tcp any host OutSide_IP eq 3389
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any
pager lines 24
logging enable
logging asdm informational
logging from-address Cleardpix@x.com
logging recipient-address x@x.com level errors
mtu outside 1500
mtu inside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit host 173.246.64.0 outside
asdm image flash:/asdm-603.bin
asdm location PBX 255.255.255.255 inside
asdm location Mabe 255.255.255.255 inside
asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
global (inside) 101 interface
nat (dmz) 1 192.168.1.0 255.255.255.0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 x.x.x.129 1
route outside OutSide_IP 255.255.255.255 x.x.x.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server Cleard protocol radius
aaa-server Cleard host 192.168.2.107
http server enable
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 fqdn CleardPix
 subject-name CN=CleardPix
 no client-types
 crl configure
crypto ca trustpoint ASDM_TrustPoint2
 enrollment self
 fqdn CleardPix.x.x
 email x@x
 subject-name CN=cleardpix.x.x,OU=IT,O=x,C=CA,St=x,L=x,EA=x
 no client-types
 crl configure
crypto ca certificate chain ASDM_TrustPoint2
 certificate 31
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  quit
crypto isakmp enable outside
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
no crypto isakmp nat-traversal
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics
ntp server 192.168.2.107 source inside prefer
ssl encryption rc4-sha1 3des-sha1 des-sha1
tunnel-group DefaultRAGroup general-attributes
 authentication-server-group Cleard
tunnel-group DefaultRAGroup ipsec-attributes
 trust-point ASDM_TrustPoint2
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1280
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect dns preset_dns_map
!
service-policy global_policy global
smtp-server 192.168.2.83
prompt hostname context
Cryptochecksum:xxxxxxxxx
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35206626
Looks like you removed both the statics. Add this one:
static (inside,outside) tcp OutSide_IP 3389 Mabe 3389 netmask 255.255.255.255
And see what happens.

Oh and if it's working, you might want to remove this line:
access-list outside_access_in extended permit ip any any
0
 

Author Comment

by:cleard
ID: 35207030
Sorry i was in a meeting
Still not working.
this time i have done cleard xlate :)
Here is my new config:
PIX Version 8.0(3)
!
hostname CleardPix
domain-name cleard.local
enable password xxxxxxxxxxxxxxxx encrypted
names
name 192.168.2.29 PBX description ASTERISK
name 192.168.2.106 Mabe
name x.x.x.189 Outside_Interface
name x.x.x.190 OutSide_IP
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address Outside_Interface 255.255.255.192
 ospf cost 10
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.2.4 255.255.255.0
 ospf cost 10
!
interface Ethernet2
 shutdown
 nameif dmz
 security-level 4
 ip address 192.168.1.1 255.255.255.0
 ospf cost 10
!
passwd xxxxxxxxxxx encrypted
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
 name-server Mabe
 name-server 192.168.2.80
 domain-name cleard.local
dns server-group PreToPost
 name-server 208.85.113.10
 name-server 208.71.9.130
object-group service Asterisk udp
 port-object range sip 65535
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit tcp any host OutSide_IP eq 3389
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit host x.x.x.0 outside
asdm image flash:/asdm-603.bin
asdm location PBX 255.255.255.255 inside
asdm location Mabe 255.255.255.255 inside
asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
global (inside) 101 interface
nat (dmz) 1 192.168.1.0 255.255.255.0
static (inside,outside) tcp OutSide_IP 3389 Mabe 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 x.x.x.129 1
route outside OutSide_IP 255.255.255.255 173.246.64.129 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server Cleard protocol radius
aaa-server Cleard host 192.168.2.107
http server enable
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 fqdn CleardPix
 subject-name CN=CleardPix
 no client-types
 crl configure
crypto ca trustpoint ASDM_TrustPoint2
 enrollment self
 no client-types
 crl configure
crypto ca certificate chain ASDM_TrustPoint2
 certificate 31
xxxxxxxxxxxxxxxxxxxxxxxxxx
  quit
crypto isakmp enable outside
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
no crypto isakmp nat-traversal
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics
ntp server 192.168.2.107 source inside prefer
ssl encryption rc4-sha1 3des-sha1 des-sha1
tunnel-group DefaultRAGroup general-attributes
 authentication-server-group Cleard
tunnel-group DefaultRAGroup ipsec-attributes
 trust-point ASDM_TrustPoint2
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 1280
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect dns preset_dns_map
!
service-policy global_policy global
smtp-server 192.168.2.83
prompt hostname context
Cryptochecksum:xxxxxxxxxxxxxxxxxxxxxxxxx

Thanks for your help erniebeek :)
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35207250
Mmmmmm, ok.

Some other things:
remove: global (inside) 101 interface

And add: nat (inside) 1 192.168.2.0 255.255.255.0
0
 

Author Comment

by:cleard
ID: 35207472
Still no go.
I have reloaded the pix, still notting.
here is my 2 log entry:
6 Mar 24 2011 10:51:04 302013 70.81.113.20 Mabe Built inbound TCP connection 396 for outside:x.x.x.20/2569 (x.x.x.20/2569) to inside:Mabe/3389 (OutSide_IP/3389)

6 Mar 24 2011 10:51:34 302014 x.x.x.20 Mabe Teardown TCP connection 396 for outside:x.x.x.20/2569 to inside:Mabe/3389 duration 0:00:30 bytes 0 SYN Timeout
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35207574
Well, it looks like the connection is setup up now but the 192.168.2.106 isn't responding.
So is RDP set up correctly on it, firewall disabled (just to be sure), does it have the PIX as default gateway?
Let's have a look at that.
0
 

Author Comment

by:cleard
ID: 35207631
No it as the pfsence as gw not the pix.
from insite i can access the server.
firewall is disabled.
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 35207652
So let's set the gateway to the PIX.........
0
 

Author Comment

by:cleard
ID: 35207914
That was the problem.

thanks for all your help erniebeek you did find the problem.
0
 

Author Closing Comment

by:cleard
ID: 35207955
great job well done
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35208024
You're welcome, glad I could help :)

And thank you for the points.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now