Blog Archives

Allowing VPN/L2TP through ASA

Whilst there are probably many answers to the problem “allowing VPN through ASA”, the following will fix problems with clients on the inside trying to establish a VPN connection (L2TP) to a remote peer on the outside. The logs show the following error: “regular translation creation failed for protocol 47 src such and such” Due to […]

Cisco ASA NAT rule positioning

When you add a new NAT rule via the CLI of a Cisco ASA, the newly added rule will be appended to the NAT rule list. Traditionally you will have a NAT-hide rule at the very end, in order to provide your clients with IP connectivity to the Internet. Fortunately there is a way to choose […]

Increase TCP timeouts on Cisco ASA – for example, for traffic destined for your SQL server

Did you ever have a run-in with applications that are terribly sensitive to losing their database connection, so that you need to increase the time-out of the TCP connections to this server? This configuration basically matches all traffic to one specific IP address and uses a service-policy to give it a longer timeout value.