Network Security

I have two ASA 5510s connected over a WAN, running IPsec (AES-256).   I'm not getting any errors, but the application is getting clobbered.  The application is using Linux IPsec.   Where do I start looking, in regards to packet capture, MTU problems,...

HiI've had a serious problem over the past few days. One of my Firepower modules in a active/standby inline fail-open set of ASA5525-Xs stopped passing traffic on two occasions, immediate solution was to fail over to the standby 5525 but failing back...

I already upgraded my ASA version to 9.4 and now it working with PBR. But I'm having issues on setting up the sla monitor.   Test# sh track Track 1   Response Time Reporter 1 reachability   Reachability is Up   276 changes, last change 00:03:02   Lat...

Hi All, If we have an active/standby in transparent mode setup similar to the attached diagram (the 2 FW have a direct cable also for the heartbeat). When one of the FW is active - does spanning tree block a port so that traffic only goes through one...

Hello everyone! There is one issue with ASA. In our compny we filter some resourses on our ISP devises simple adding acl and using IP addresses. Now we faced a problem, that some web-sites using one IP shouldn't be banned, after that we made up with ...

Our Company is going to need to upgrade our 5540 ASA firewall soon because we are going to move it to a DR Site instead of buying a new one for the DR site to only have to replace it in 3 years. What ASA compares to the 5540 for specs? ASA needs to h...

Hi, Please, can you advice me before proceed in asa failover configuration ? What should I do at the first, at the second and at the third ? 1-adding the 2 devices in Firesight Management Center 2-Redirect Traffic from the Two ASAs to Firesight Man...

I am running code 8.2.5. If I allow an SSL/TLS connection to a new server inside can I enforce the use of TLS 1.1. or 1.2 in case the server is not? Or do I not have any control over that within the ASA command set?

Can someone provide the proper upgrade path for the 5500 series ASA-SSM-10 from 6.0(5)E2 to 7.1(10)E4 The release notes state that you must just be running minimum 6.0(6)E4 so can I just upgrade to 6.0(6)E4 from 6.0(5)E2 then directly to 7.1(10)E4? ...

I am getting ready to dump the cisco cx module on a asa 5525-x for the cisco asa firepower. I been using the cx module ssl decryption in order to get sight into ssl traffic. Reading the release notes for Firesight 5.4 it seems cisco has now included ...

HI Guys, I have a vodafone link into the office, the vodafone link goes to a ONT and from the ONT goes to a ASA 5505 running ASDM version 9.1(5), I have enabled remote access to the firewall over HTTPS,everytime I try to remotely access ASM it fails ...