I am trying to add a rich rule to isolate a dev environment for a contractor to develop on. I have placed the machine on a DMZ, but i would like to isolate it a little further, and from the OS level.
Running CentOS 7.1.1503 firewalld 0.3.9-11
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.225' destination address='192.168.1.222' drop"
I receive the error
Error: INVALID_RULE: destination action
Which appears to be a catch-all error.
I am trying to install a certificate on my Cisco ASA 5515. It has my local Windows 2012 CA as a trusted CA. The domain has also had this CA applied to their trusted root.
Whenever I try to connect from the outside via anyConnect VPN I get an untrusted certificate error, specifically "Certificate does not match the server name".
The device hostname is vpn, domain name is example.com. The Certificate is issued to cn=vpn.example.com issued by cn=corp-dc1-CA,dc=corp,dc=example,dc=com.
I do have 2 autonomous domains configured: corp.example.com is an internal domain which is not registered with GoDaddy; example.com is registered with GoDaddy.
I used a CSR from the ASA to generate a cert on my CA and installed the new cert on my ASA, but still no luck.