I was attempting to add a PAT (port address translation) rule for https (TCP 443) on a customer's Cisco ASA. The rule kept getting rejected with the error that it could not be created.  After trying a few times, I figured out the ASA was rejecting the rule because ASDM (Adaptive Security Device Manager) access, which uses https had been enabled on the outside interface.  I changed the port number for ASDM and I was then able to create the PAT rule.


 

Multiple vulnerabilities have been discovered in Cisco ASA and PIX devices running version 7.x and 8.x software. Cisco has released free software updates to address the vulnerabilities. Installation of updates will require after hours work and device reboots.

For more information about individual vulnerabilities, refer to the following link:
http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml

[more] If you'd like help updating your Cisco ASA and PIX devices, please contact CoNetrix at support@conetrix.com or call (800) 356-6568.