Hi Kings, Did you enable webvpn on the outside? You can connect using IP address as well.
Regards, Piotr 2011/9/5 Kingsley Charles <[email protected]> > Hi all > > I have configured the ASA for CA server and when I try to access the > enrollment URL, I get the following logs: From the log reference for 710005, > I think, the CA server service is not running. > > I am trying to access enrollment url using the host name > https://asa2/+CSCOCA+/enroll.html and have defined hostname to IP address > mapping in the host file. I remember, we can only access using hostname not > IP address. > > Any thoughts? > > *Config* > > crypto ca server > subject-name-default cn=ca > smtp from-address [email protected] > > *Logs* > > %ASA-7-710005: TCP request discarded from 10.20.30.40/1750 to outside: > 10.20.30.43/443 > %ASA-3-710003: TCP access denied by ACL from 10.20.30.40/1750 to outside: > 10.20.30.43/443 > > > Snippet from > http://www.cisco.com/en/US/docs/security/asa/asa71/system/message/logmsgs.html#wp1285746 > 710005 > > Error Message %PIX|ASA-7-710005: {TCP|UDP} request discarded from > *source_address/source_port* to *interface_name:dest_address/service* > > Explanation This message appears when the Cisco ASA does not have a UDP > server that services the UDP request. The message can also indicate a TCP > packet that does not belong to any session on the Cisco ASA . In addition, > this message appears (with the service *snmp*) when the Cisco ASA receives > an SNMP request with an empty payload, even if it is from an authorized > host. When the service is *snmp*, this message occurs a maximum of 1 time > every 10 seconds so that the log receiver is not overwhelmed. > > Recommended Action In networks that heavily utilize broadcasting > services such as DHCP, RIP or NetBios, the frequency of this message can be > high. If this message appears in excessive number, it may indicate an > attack. > > > With regards > Kings > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
