This document answers frequently asked questions about the Cisco ASA 5500 Series Adaptive Security Appliance.
Q. Why am I unable to ping the inside interface of the ASA from a host connected to the outside interface of the ASA?
A. The default behavior of the ASA is to allow all ICMP traffic to the ASA interfaces. However, the ASA denies ICMP messages received at the outside interface for destinations on a protected interface.
Q. When LDAP authentication/authorization is performed from an LDAP server on ASA, if a user has over 999 values for a single attribute, then the user authentication/authorization fails with this error message: %ASA-3-109035: Exceeded maximum number (999) of DAP attribute instances for user = <username>%ASA-6-113013: AAA unable to complete the request Error : reason = Invalid response received from server : user = <username>.
- ASA FAQ: Can a transparent mode ASA be configured without an IP address on the bridge group?
- Can I configure more static NAT entries than the maximum number of concurrent connections for the given platform?
- ASA FAQ: On ASA in multiple mode, why do I receive the Memory pool size is not valid Allowed range from 2 to 512 error message when I issue the url-block url-mempool 10240 command?
- Technical Support & Documentation - Cisco Systems
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.