[c-nsp] outbound connections from ASAs

nick.nauwelaerts at thomson.com nick.nauwelaerts at thomson.com
Fri Apr 27 09:44:19 EDT 2007


> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of 
> Nauwelaerts, Nick (TCM)
> Sent: Friday, April 27, 2007 11:26
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] outbound connections from ASAs
> 
> We currently have a few asa 5510's & 5520's in the field, 
> running 7.2(2)
> code. However, we found after troubleshooting an issue it seems that
> this code lacks any form of making outbound tcp connections from the
> firewall itself. Sure, you can ping & traceroute, but 
> outbound telnet &
> ssh seems to be lacking.
> Is there any hidden knob to activate this or is that code just not
> present? While telnet could be useful to troubleshoot a few things, at
> this time we could really use it as a second path to our remote serial
> device to upgrade rommon code on our 2800's.

I've just gotten a good off-list recommendation: I can ofcourse always
do a static nat of the serial console server, or do an inbound port
redirection to the console server, both which might work. Not as elegant
as doing it from the ASA, but works for me.

Thanks for the advice.

// nick



More information about the cisco-nsp mailing list