Solved

Global command deprecated on IOS 8.4.5

Posted on 2015-02-16
4
63 Views
Last Modified: 2015-06-22
We used to use the global command to enforce sla monitor for backup internet. Now when we enter:

#global (outside) 1 interface

We get the response that this has been deprecated in IOS 8.4.

What has replaced the global command?

Thanks
0
Comment
Question by:d4nnyo
  • 2
4 Comments
 
LVL 24

Expert Comment

by:VB ITS
ID: 40613518
This article is your friend: http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/upgrading/migrating.html

A similar question was also asked (and answered) a while back. See Kvistofta's accepted solution in this EE question as he couldn't have put it any better: http://www.experts-exchange.com/Security/Software_Firewalls/Cisco_PIX_Firewall/Q_26616094.html
0
 
LVL 4

Expert Comment

by:Joey Yung
ID: 40615628
Recommend this link to explained the NAT code difference between ASA 8.2 and 8.4 later:

http://www.packetu.com/2012/01/09/typical-natpat-configuration-comparison-for-asa-8-4/

The beginning part is what you are asking for~
0
 
LVL 1

Author Comment

by:d4nnyo
ID: 40697084
I appreciate the comments. However I'm not a NAT / PAT expert. What I really need are actual commands that can be used under 8.4 to install and enable a backup Internet connection.

I'm familiar with the setup using sla monitor, 1 track 1 on the primary interface, etc. Can anyone tell me the commands I need to replace the global command to enable a backup internet link?

Thanks
0
 
LVL 4

Accepted Solution

by:
Joey Yung earned 500 total points
ID: 40697589
FYR:

route ISP1 0.0.0.0 0.0.0.0 192.168.1.1 1 track 1
route ISP2 0.0.0.0 0.0.0.0 192.168.2.1 254
!
sla monitor 1
!
type echo protocol ipIcmpEcho 8.8.8.8 interface ISP1
!
num-packets 4
!
timeout 3000
!
frequency 5
!
sla monitor schedule 1 life forever start-time now
!
track 1 rtr 1 reachability
!
nat (LAN,ISP1) after-auto source dynamic any interface
nat (LAN,ISP2) after-auto source dynamic any interface
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now