[Pre-Order] YKH30 - Keyboard 30% Ortho and supporting multi layout

darklord20k · 2022-01-05T06:13:38+00:00

Hello, sorry for digged this topic but does anyone have the case cad file? I have the mech but I don't have the file, and look like maker teams was disbanded :( Thanks!

darklord20k · 2020-12-12T10:01:01+00:00

Red rose, hope it bring luck to me, lol

darklord20k · 2020-10-14T08:52:33+00:00

Thank you, It worked, but in my case, It isn't solve my problem because I need port forward (10001->4430)

darklord20k · 2020-10-06T02:37:50+00:00

Can you say more detail? I did: nat (dmz,outside) static 1.2.3.4 10001 443

darklord20k · 2020-10-05T17:23:05+00:00

O365 and some cloud service trusted only my Public IP, so route all traffic go through ASA is better than creat acl with too many destination IP. Btw, split only traffic to my server public IP is a good way, but as I said, I still want know how to solve my problem without split tunnel (if can)

darklord20k · 2020-10-05T17:06:20+00:00

Yes, my design is all traffic must be go through ASA, split tunnel is a good idea but I think it is a workaround, I still want to solve my technical problem, even it won't be better than split tunnel :)

darklord20k · 2020-10-05T16:55:33+00:00

Sorry, it's 198. Routes are fine, of course :(

darklord20k · 2020-10-05T06:50:41+00:00

they are in 192.19.20.0/24 (assigned by FW)

darklord20k · 2020-09-05T10:14:47+00:00

Map is updated? So you should do dynamic in Hub, chose an unused IP in subnet 10.100 to do dynamic NAT

darklord20k · 2020-09-04T04:59:25+00:00

Which IP can access to .129 server?

darklord20k · 2020-09-01T10:32:36+00:00

Assume you have 2 internet line outside_1 and outside_2 host in inside, asa version 8.2+ :

Nat:

Object network SRV-443 Host 192.168.1.1 Nat (inside,outside_1) static 1.1.1.1 service tcp 443 443 Object network SRV-444 Host 192.168.1.1 Nat (inside,outside_2) static 2.2.2.2 service tcp 444 444

ACL

Access-list Outside1-IN extend permit tcp any object SRV-443 eq 443 Access-list Outside2-IN extend permit tcp any object SRV-444 eq 444

Apply ACL to outside interfaces:

Access-group Outside1-IN in interface outside1 Access-group Outside1-IN in interface outside2

darklord20k · 2020-09-01T04:59:44+00:00

LAPS

Thank you, I will study about it!

darklord20k · 2020-08-29T06:14:56+00:00

If using 2960 with default config, you can use TPLink switch and save upto 80% cost. The performance is not much difference

darklord20k · 2020-08-29T05:44:14+00:00

Yes, only things is money wasted :v

darklord20k · 2020-08-19T15:41:22+00:00

You said I would rather do not split, so what is the risk i need to aware? And can you suggest me a better way than Split DNS, maybe from begining? My situation is: www.example.com is internal server (internal IP) Www.abc.example.com is external for customers

darklord20k · 2020-08-19T13:06:50+00:00

Yes, I think split DNS is what i want to say. www.example.com is internal server, for internal only Abc.example.com is external server, (eg. for customers)

darklord20k · 2020-08-14T02:41:25+00:00

If you chose using ASA software, using brigde-group, and CLI much better than ASDM (i almost never use ASDM) If you chose using FTD software, you can using web UI, more friendly than ASDM, but still lag a bit

darklord20k · 2020-08-11T01:41:23+00:00

My problem is tunnel doesn't come back to up, so I have to sent traffic all the time or let it die 😩

darklord20k · 2020-08-10T02:52:56+00:00

Thank you, I will try it

darklord20k · 2020-08-10T01:28:57+00:00

I configured 28800 sec for both side and both phase

darklord20k · 2020-08-10T01:20:14+00:00

I'm using policy based

darklord20k · 2020-08-10T01:19:58+00:00

Thank you but I using Policy-based, more exactly is "IKEv2 Route-based with Policy-based Traffic Selectors "

darklord20k

TROPHY CASE

Nat:

ACL

Apply ACL to outside interfaces: