|
Kostas
Anon
2014-Nov-1 7:24 pm
[CCNA] ASA 5505 HelpHello everyone,
I really hope you can help me.
I am working at a company as a computer technician support and i am studing for CCNA since this summer.
I am responcible for support at this company and i think i have made a huge mistake accidentally which i dont know how to solve.
I was trying to port forward through ASA 5505 ASDM and not remembering how, i somehow blocked the trafic inside and outside except RDp (which is how i connect now).
I am not very familiar with commands yet so ASDM seemed to me helpfull even though, show run, version, ping and very basic stuff i can do.
I see on the monitor status right now the following messages
192.168.1.104 16129 64.4.23..xxx Deny tcp src inside:192.168.1.104/16129 dst outside:64.4.23.152/40006 by access-group "inside_access_in" [0x0, 0x0]
and
192.168.1.104 16112 111.221.77.xxx 80 Built outbound TCP connection 33949083 for outside:111.221.77.1xx/80 (111.221.77.xxx/80) to inside:192.168.1.104/16112 (192.168.1.104/16112)
I can not get access to the internet (nor the clients) or the cisco phones connected.
I think my head is at stake here and i would appreciate some help.
Thanks anyway |
|
|
rayik join:2005-08-04 united state |
rayik
Member
2014-Nov-1 8:55 pm
While the ASA implements any commands immediately, the changes you make will not survive a reboot unless you executed the "write mem" command. Without that command being executed, changes to the running config are not saved to the startup config. If you did not save after making the changes, a reboot will load the last saved config. Knowing this, I'd still be very hestitent to reboot. |
|
|
to Kostas
....supplying your running config would be a good place to start. Without it, sending us a few log snippets sends both us and you on a wild goose chase, if that.
Also, if you broke connectivity while you were making config changes to this device... I hope you followed best practices and a) backed up the config BEFORE you started making changes, and b) have a copy of said config to revert to.
If not, take it as a harsh lesson to start doing so for any future change work you may do.
My 00000010bits
Regards |
|