Object Groups in use cant be deleted. You must remove the individual ACLs or the entire list. Then you can remove the object-group. ASA(config)# clear configure access-list acl-in ASA(config)# no object-group service Webserver-svcs
Show Pre-Shared Key OHI-ASAFW# more system:running-config | b tunnel-group
Simple NAT using the OUTSIDE Interface All internal IP addresses will be translated, because the NAT statement references 0.0.0.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0
Simple NAT using a Dedicated IP Address global (outside) 1 63.227.68.2 nat (inside) 1 0.0.0.0 0.0.0.0
Static NAT For Host Inside for Public Access static (inside,outside) 63.227.68.3 192.168.2.12 netmask 255.255.255.255 0 0
Static NAT for DMZ Server for Public Access static (dmz,outside) 63.227.68.4 192.168.64.45 netmask 255.255.255.255 0 0
Configure access-list access-list alc_in extended remark Allow port 8o to WebServer A access-list outside_access_in extended permit tcp any host 192.168.2.12 eq 80 (allows traffic destined for 192.168.80.4 on port 80 through the firewall)
Configure Failover/Standby *Both ASAs in failover pair must be the same major ISO version, or they will not synchronize configurations.
ASA(config)# failover ASA(config)# int gi0/0 ASA(config-if)# nameif INSIDE ASA(config-if)# security-level 100 ASA(config-if)# ip address 192.168.1.2 255.255.255.0 standby 192.168.1.3 ASA(config)# int gi0/1 ASA(config-if)# name OUTSIDE ASA(config-if)# security-level 0 ASA(config-if)# ip address 63.227.68.2 255.255.255.240 standby 63.227.68.3
ASA(config)# int gi0/3 ASA(config-if)# description ### LAN/STATE Failover Interface! ###
ASA(config)# failover lan unit primary ASA(config)# failover lan interface failover GigabitEthernet0/3 ASA(config)# failover link failover GigabitEthernet0/3 ASA(config)# failover interface ip failover 192.168.255.1 255.255.255.0 standby 192.168.255.2
ASA-TWO(config)# failover ASA-TWO(config)# failover lan unit secondary ASA-TWO(config)# failover lan interface failover GigabitEthernet0/3 ASA-TWO(config)# failover interface ip failover 192.168.255.1 255.255.255.0 standby 192.168.255.2
Troubleshooting ASA# show xlate (Shows Translations) ASA# clear xlate CAUTION USING THIS! ALL SESSIONS IN THE FIREWALL WILL BE BROKEN! ASA# show conn detail (Shows Connections)
Saving Configuration Changes ASA# wri mem ASA# copy run startup-config ASA# write mem all Saves Configurations for All Contexts