Network Security

Resolved! ASA 8.4 etherchannel with Sub Interfaces

I am trying to figure out how to create an etherchannel with sub-interfaces on an asa 5520 running 8.4.1 code. It doesn't seem to allow me to configure any type of sub interface on the port-channel or anywhere else once I create it. Does anyone kno...

FirePOWER are classifying legitimate traffic as BitTorrent

Hello, We have configured on FireSight a rule that block traffic for BitTorrent WebApplication, this rule has been work fine until today that the rule are blocking connections that there is not BitTorrent traffic: All traffic identified as BitTorren...

Resolved! Upgrading FMC to 6.0 from 5.4.1 fails!!

I have seen issues with upgrading FMC to 6.0 from 5.4.1. The pre-req for this is to install (Sourcefire_3D_Defense_Center_S3_6.0.0_Pre-install-5.4.1.999-2.sh). The patch upgrade i.e. Sourcefire_3D_Defense_Center_S3_6.0.0_Pre-install-5.4.1.999-2.sh fa...

Resolved! ASA 5505 implicit rules

Dear All, Is there any chance to disable the implicit rules, which apply the forwarding from higher-security level to a lower-security interface for an ASA 5505? I have more than one inside LAN and I don't want to add an explicit deny rule for every...

Port Forwarding for RDP 3389 is not working

Hi,I am having trouble getting rdp (port 3389) to forward to my server (10.20.30.20). I have made sure it is not an issue with the servers firewall, its just the cisco. I highlighted in red to what i thought I need in my config to get this to work...

downloading and updating security patches network switches, routers, and firewalls

I was wondering if there is posted somewhere a document to detail the easiest (most effiecient and/or foolproof) way to make certain that a device or devices have the latest security patches applied to them? Also if they end up not having them all ap...

Anyconnect queries

Hi All, Anyone can advise what technologies I can implement in order for the Anyconnect clients connected to Site A and at the same time go access site B. Both sites having site to site tunnel up and accessible via LAN connection. Thanks.

firepower

Hi i have a problem, after the connection rules to intercept files tab analysis file file-events some names of the captured file is displayed normally but some like this =?UTF-8?B?0J/QnyAyMi0wMi0xNi0yLnBkZg==?= or *0*=UTF-8''%D1%81%D0%BA%D0%B0%D0%BD...

Multi Context - limiting connection resources

Hello-I have setup a class-map to limit the number of connections for each separate contexts. I'm seeing an issue after applying it where the threshold is exceeding: "Drop-reason: (rm-conn-limit) RM connection limit reached"; however, the show resour...

5520 ASA Upgrade to Version 9

I want to upgrade my 5520 ASA to version 9.1(7) due to a vulnerability. But in the release note of 9.1(7) version isn't appeat this hardware: http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#pgfId-114290. I need know if t...

Resolved! NAT config for IPSEC L2L tunnel

Hi Everyone, I have configured 5 ipsec l2l tunnels on ASA outside interface and need to know for NAT what config i should do on the ASA? I have ACL configured for interesting traffic and also NAT- T disable under crypto map. Do i still need any na...

Resolved! L2L tunnel is up but can not ping peer IP

Hi Everyone, L2L tunnel is up between two sites traffic is passing but i can not ping the peer ip? Need to know how can i make ping work from my end? Regards MAhesh

Resolved! show_crypto_ipsec peer output

Hi Everyone, I have setup L2L tunnel to vendor site and it is working fine as per below output show crypto ipsec sa peer 173.183.x.xpeer address: 173.183.x.x Crypto map tag: Outside_map0, seq num: 13, local addr: 192.42.x.x**********************...

IP Inspect Protocols (Beginner)

Hi All, Recently passed CCNA and starting to look into CCNA security topics. I have a 1811 router I just set up as my NAT gateway. I've configured a implicit deny ACL for all inbound traffic from the internet and IP Inspect for tcp, udp, icmp origin...

Resolved! Multiple context liceens for ASA 5585-X-SSP10

Hi , I am looking for enabling multiple context (5) on ASA-5585-X SSP10. I am unable to verify the part number for this. The only thing I found is "Cisco L-ASA-SC-5=" for ASA 5515-X, 5525-X, 5545-X, 5555-X. There is nothing mentioned for 5585-X fo...

Network Security

Forum Posts

Resolved! ASA 8.4 etherchannel with Sub Interfaces

FirePOWER are classifying legitimate traffic as BitTorrent

Resolved! Upgrading FMC to 6.0 from 5.4.1 fails!!

Resolved! ASA 5505 implicit rules

Port Forwarding for RDP 3389 is not working

downloading and updating security patches network switches, routers, and firewalls

Anyconnect queries

firepower

Multi Context - limiting connection resources

5520 ASA Upgrade to Version 9

Resolved! NAT config for IPSEC L2L tunnel

Resolved! L2L tunnel is up but can not ping peer IP

Resolved! show_crypto_ipsec peer output

IP Inspect Protocols (Beginner)

Resolved! Multiple context liceens for ASA 5585-X-SSP10

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Network Discovery and Correlation with Scan New Host

FMC and multiple AD domains

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

Cisco Secure Firewall File Policy exclude Windows Updates

ASA 5525x: upgrading ASA firmware and ASDM module

Disabled weaker encryption algorithms on a Cisco 3750 Version 12.2(55)

ASA Same Security-Level 100

SNMP Agent Default Community Name (public)