Network Security

Resolved! Existing access-traffic packet capture

Dear Team, I have to capture the traffic from the existing access-list. We have 100 access-list with line number. EX: access-list DMZ2_inbound line 18 extended permit tcp host 172.6.21.8 host 10.10.6.3 eq http access-list DMZ2_inbound line 19 ext...

ASA Memory issue

Hi, i am facing issues with firewall ASA 5512-X software 9.4.(3)6 memory goes up for unknown reasons to me i got this alarms from NMS alarm system has received 100 alarms about the event (mteTriggerFired) of device ASA-Active and when i checked m...

Two subnets on ASA5510

Hi, New to Cisco so sorry if these are basic questions..Recently received an ASA5510 that was setup with a single IP subnet from our ISP fiber modem and worked fine. We've just added a second block of IPs (different subnet/gateway) that I'm having i...

ASA 5580 interface's performance problem

Hi friends, my ASA 5580 is having a performance problem in one of its interfaces. I have configured 3 interfaces (CMTS, CARIERS and INSIDE_Prueba) in the LAN side and 1 for outside (OUTSIDE). The problem is that all PC's connected to the CARRIERS int...

URL Blocking on ASA 5545-X

Hi, I have ASA 5545-X in my network , i want to block Youtube & Facebook, but i did not find any URL blocking option in ASA by giving some keyword or URL ? Please if someone has any idea to accomplish this .. ?

Security Intelligence URL Blacklist

I created a static list for URL blacklist and applied to my ACP. I was under assumption that the security Intelligence settings override any rules defined within the ACP. Just to see what traffic was getting through to my Allow_All rule with IPS de...

Dynamic NAT/PAT problems

We are having issues with communication between private networks using a Cisco ASA 5505. When we do a packet tracer we receive the following error. no nat (inside) 0 access-list inside_nat0_outboundno nat (ASSR-TRSR) 0 access-list inside1_nat0_outbo...

Resolved! Firesight virtual device center upgrade failed 5.3.0.3-56 --> 5.3.1-152

The update to 5.3.1-152 does not succeed. The following error was displayed. Task Status Your task Installing Sourcefire 3D Defense Center S3 Upgrade version: 5.3.1-152 (Local Install) failed at Wed Dec 9 15:19:48 2015 Update Installation Failed : [...

Resolved! ASA 5510 software

Gentlemen and ladies I inherited two ASA 5510 devices acting as SIP Proxies, the software they say they have is "Cisco Adaptive Security Appliance Software Version 8.2 (3)". I looked it up and it says this version is from 2010!!! is this correct? an...

ASA 5505 Config

Can someone help with this? I am currently studying for my CCNA so I am new at this so forgive me. The config int eh attachment is a preconfigured ASA for our remote homes so I just import all of it and it should "just work" or so I have been told. A...

Resolved! Cisco ASA syslog command issue

Cisco ASA 5550 Cisco Adaptive Security Appliance Software Version 8.2(5)Device Manager Version 6.4(9)System image file is "disk0:/asa825-k8.bin" =============================================== Such a thing happened today, my asa using remote syslog s...

Cisco ASA 5506-x FMC Managed and NAT

I am having issues with a 5506-x firewall that is managed with FMC. I am new to this management tool. I am trying to NAT a public IP address that is in the same IP address space as the outside interface and NAT it to an address on the DMZ. With ASDM...

Resolved! How to configure ASA 5585-X to Stateless Connection?

Hi Guys, What my perspective, ASA is the stateful connection. But, Can I configure ASA 5585-X as Stateless connection? How to configure it? Best regards, William

ASA Firepower ignore users groups in Access Control Policy

Hello, We use ASA 5516-X with FirePower Services. FirePower services version - 6.2.0 with 6.2.0.1-10 patch installed. ASDM - 7.7.1 ASA - 9.7.1 We use passive authentication with active authentication like fallback with Active Directory realm. Fir...

Apply service policy inbound or outbound?

Good morning, I have a class-map called CLS-BLOCKED-CONTENT that identifies Netflix, Hulu and other undesirable traffic. I also have another class-map called CLS-RESTRICTED-CONTENT that identifies traffic such as YouTube etc. I have a policy map ca...

Network Security

Forum Posts

Resolved! Existing access-traffic packet capture

ASA Memory issue

Two subnets on ASA5510

ASA 5580 interface's performance problem

URL Blocking on ASA 5545-X

Security Intelligence URL Blacklist

Dynamic NAT/PAT problems

Resolved! Firesight virtual device center upgrade failed 5.3.0.3-56 --> 5.3.1-152

Resolved! ASA 5510 software

ASA 5505 Config

Resolved! Cisco ASA syslog command issue

Cisco ASA 5506-x FMC Managed and NAT

Resolved! How to configure ASA 5585-X to Stateless Connection?

ASA Firepower ignore users groups in Access Control Policy

Apply service policy inbound or outbound?

Get ready! Great things are coming to Cisco Community

New name, same great product: Cisco Spaces

Don't miss the August 2022 Spotlight Award winners!

Firepower Decrypt Known key for Proxy

Cisco FTDv -- How configure NTP via CLI

New Snort 3 IPS policy update and best practice vs. Snort 2

Snort 2 to Snort 3 Migration - Rules migration skipped for xx rules

FTD (NGFW1010) HA branch site - management via FMC

2960X weak diffie-hellman ciphers

Clarification on FirePower policy default action.

Port security shows disabled in 9400

ASA VTI with BGP issue

Firepower stuck during install