Network Security

Resolved! ASA 5510 intial setup???

I am trying to connect my asa to my network. I am new to firewalls. I started with setting the management0/0 interface on an ip address of 192.168.1.2/24 and connected it to my router with 192.168.1.1/24. Both interfaces are on the same subnet. I tri...

Resolved! Physical Firepower

Hello! There is serious lack of information regarding firepower appliances. For example you can find many things about ASA with SFR, but nothing about physical Firepower appliances. Thats why i have two questions:Can we replace our proxy with Physica...

ASA 8.0(3)6 DMZ configuration example?

Accidentally, I have to implement a DMZ configuration on an outdated and unmaintained ASA 5510 firewall (ASA version 8.0(3)6, ASDM version 6.0). After diving into the manual and some forum posts, I've learned that there was a major CLI syntax change ...

10G interfaces on the IPS SSP-40

We currently have an ASA 5585-X with an SSP-40 as well as an IPS SSP-40. There is currently no IPS functionality in use, the IPS SSP-40 was bought for a future project. Another administrator is under the impression that we can not use the 10G inter...

ASA 5505 Version 8.2(5) Commands to enable port forwarding

I am needing assistance with the command(s) needed to enable traffic from the outside interface using port 8181 to a device behind the firewall. The outside (public) interface is using ip address 66.76.160.79. The device that I need to access behind...

WLC & ISE FIREWALL CONFIG

Hi We have a new WLC with ISE. We can see the laptop connecting to the WLC & ISE as well as on the firewall. On the laptop (in cmd) I can see via ns lookup 8.8.8.8. However when I open a webpage on the laptop i get a 'unable to connect'. In the ...

ASA 5505 only hitting implicit rule

Hello everyone, In my lab environment I have set up a cisco asa 5505 firewall for testing purposes. Got some things working, but I cannot get past the implicit deny rule: I make rules to permit http traffic between interfaces, but the firewall keeps...

ASA Service-Policy: drop count

1. With Modular Policy Framework, what is the meaning of the drop count? See below output of a SFR policy. 2. Does it represent packets that were dropped by the ASA prior to being punted to SFR? 3. If the ASA is dropping those packet, what would be ...

Resolved! Basic question about Nat & DMZ

Hi, If I have two web servers (say 10.1.1.1:80 & 10.1.1.2:81) in a DMZ, is it sufficient enough to add a static NAT or PAT only and the servers will be reachable from outside on those ports?Or do you need an outgoing dynamic nat in order for those se...

Cisco ASA Internal-Data

Hi, I have a asa 5585-x the internal data ports are having alot of input errors and overrun also there is huge number for no buffer count is this something we have worry about?

CPU usage: ASA with SourceFire

I have an ASA 5545-X with SourceFire and the module is reaching over 90% of CPU usage (not all the time only during working hours). However I can see that only 1 CPU (there are 6) is reaching that limit. I have two questions: does the SourceFire modu...

Resolved! Load Balancing and Hight Availability

Hello, I have two ASA 5512 and two ISP modem first I want to setup each ASA for load balancing interface wan1, interface wan2 and ech interface is a PPPoE connection , so is it possible ! secondly after configurating those two ASA for load balancing,...

Poor throughput performance with ASA-5505

I've seen a lot of people complain about this, but I haven't found any suggestions that work. Our Internet connection is 100 Mbps, but the ASA limits it to 30 Mbps. I've completely blown away the configuration and only put on the inside and outside I...

large files download drops or take much longer time than expected

Hi, I have an issue like large files download drops or take much longer time than expected . How do i verify asa drops or its not an ASA issue. It may the ISP limiting the bandwidth Thanks

Resolved! Another NAT question.....

Hi, I have an OUTSIDE interface (goes to another private network 10.1.1.254/24) On the INSIDE interface (192.168.200.0/24) we have various servers. These are statically natted to a different ip eg 10.1.1.1 > 192.168.200.1, 10.1.1.2 > 192.168.200.10 e...

Network Security

Forum Posts

Resolved! ASA 5510 intial setup???

Resolved! Physical Firepower

ASA 8.0(3)6 DMZ configuration example?

10G interfaces on the IPS SSP-40

ASA 5505 Version 8.2(5) Commands to enable port forwarding

WLC & ISE FIREWALL CONFIG

ASA 5505 only hitting implicit rule

ASA Service-Policy: drop count

Resolved! Basic question about Nat & DMZ

Cisco ASA Internal-Data

CPU usage: ASA with SourceFire

Resolved! Load Balancing and Hight Availability

Poor throughput performance with ASA-5505

large files download drops or take much longer time than expected

Resolved! Another NAT question.....

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Firepower 4110, Unable to open up Firepower Chassis Web UI

FTD2130-migration of sec. zones/IGs/IP addresses to new interfaces

Firepower 1120 transparent mode interface best practises?

Firepower 1010 Interface config to connect vlans to remote switch

Failover license

ASDM Packet Tracer test from IP to any IP on the internet

Cisco ASA NAT Self Generated traffic to AAA not working

Problems backing up FMC to new SFTP server

ICMP thru Cisco Firepower - Inside to Outside devices

Ping thru a Cisco Firepower 2130 FTD inside to outside devices