Network Security

ASA5505 won't allow Windows Server 2012 r2 to access internet

I have an ASA5505 I am trying to integrate into our network, however the ASA5505 won't allow our server to access the internet via our HP Procurve layer3 switch. Currently, only the server is connected via the switch as well as the two trunk lines to...

Why ASA is dropping Syn/Ack packet from a permited connection by ACL

Hey guys I'm experiencing some kind of weird behavior of my ASA 5520 (8.3.1)I have a customer that needs to access an inside webserver of mine.I've created a rule in the proper ACL permitting another range of their address to access the web server.I ...

ASA 5500-X Requirements - Information Needed

Hi all,I am working with a Cisco ASA 5500-X requirements and I would like to know where I can get some information about 5525-X and 5545-X.Information like Stateful Inspecion throughput, CPS, Interfaces, etc I can get in Datasheet.But information lik...

Is my ASA 5505 dead ? (I2C_UNPOPULATED_ERROR, I2C_HOST_BUSY_ERROR)

Hello! My ASA 5505 won't boot up correctly showing(after a long time (3-4 min):i2c_read_word_w_wait() error, slot = 0x0, device = 0x64, address = 134 byte count = 2. Reason: I2C_UNPOPULATED_ERROR I tried some solutions, like:rommon #3> confreg 0x41 o...

Resolved! DNS doctoring in 8.4

I currently have a NAT statement on my firewall for a public facing server which looks like this:nat (any,any) source static any any destination static server_ext_ip server_int_ipTypically I believe this would be better off as an object NAT but for n...

Resolved! Install Cisco Security Manager 4.7 on Hyper-V

Hello, Our customer want to install Cisco Security Manager on a Virtual Machine virtualized with Hyper-V. Documentation only mentions install the software on a Virtual Machine on Vmware systems.Can we install without problems, and the installation wi...

ASA-5505 NAT to a Range of ports

I have an ASA-5505 running 8.4 I have entered the following ... object service WLG-Rng-1 service udp source range 10000 11000Then this ..nat (inside,outside) source static VOIP-Sys-4 interface service WLG-Rng-1 WLG-Rng-1The nat command fails with "E...

Internal error: Unable to find the access rule.

I have a Cisco ASA 5550 and using ASDM 6.2.Opening the ASDM, in Firewall Dashboard, in Top 10 Access Rules, show the second rule with more hit: "interface X | source: any | Dest: any | Service: ip | Action: Permit.During the day, the hits increase an...

CDA - Mappings

Hello,Does anyone knows how long are the IP-to-user mappings kept on the Cisco Context Directory Agent?Is there a setting that dictates for how long to keep these mappings if a user doesn't logoff? The scenario i have seen is that user lock their PCs...

Need command help with Access-list - Urgent

I have been struggling to add commands to open ports to my access list. They are needed for the alarm system and our voip.Below is my current one, but not sure where to put in the requirements below in red. Realy need help fast as these services ar...

ASA Upgrade NAT rules

Hi All, Please correct me If I am wrong. I am upgrading from 8.0 to 8.4. One of my customer has nat rules in 8.0 as belowFor all the access lists for below they used permit ip any anynat (inside) 0 access-list xxxxxnat (outside) 0 access-list xxxx ou...

asa 5540 vpn ip addressing quesiton

i'd like to change the outside address that my 5540 listens on for our ipsec vpn clients, where exactly do i change this? perhaps in nat rules (tcp 1000?) we have a /29 and i'd like to replace our pix that is serving as our vpn and would love to reu...

cisco asa high cpu - 90% -100%

Hi All,Recently observed constant high cpu in asa firewall with version 8.2.5 - 80% utilization. The process consuming more cpu is - tmatch compile thread around 60%. Do you recommend downgrade to 8.2.3 or is it an opened bug in the current version 8...

Resolved! Unable to telnet to ASA. "IPSEC: Received a non-IPsec..."

Hi, Recently after making changes (not sure what) to the ASA5515 at one of our branch offices I am no longer able to telnet to it. I can SSH to it can access it through ASDM but not telnet.. The logs gives me this error when I try to telnet to i...

NAT error "Unable to reserve ports"

I have an ASA 5512 running asa915-smp-k8.bin I enter the following commands and get this error.FW-5512-ASA(config)# object network TCP_OWA_443FW-5512-ASA(config-network-object)# nat (inside,outside) static interface service tcp https httpsERROR: NAT ...

Network Security

Forum Posts

ASA5505 won't allow Windows Server 2012 r2 to access internet

Why ASA is dropping Syn/Ack packet from a permited connection by ACL

ASA 5500-X Requirements - Information Needed

Is my ASA 5505 dead ? (I2C_UNPOPULATED_ERROR, I2C_HOST_BUSY_ERROR)

Resolved! DNS doctoring in 8.4

Resolved! Install Cisco Security Manager 4.7 on Hyper-V

ASA-5505 NAT to a Range of ports

Internal error: Unable to find the access rule.

CDA - Mappings

Need command help with Access-list - Urgent

ASA Upgrade NAT rules

asa 5540 vpn ip addressing quesiton

cisco asa high cpu - 90% -100%

Resolved! Unable to telnet to ASA. "IPSEC: Received a non-IPsec..."

NAT error "Unable to reserve ports"

We want to celebrate the October Spotlight Award winners!

Get ready! Great things are coming to Cisco Community

New name, same great product: Cisco Spaces

FTD - ASP-DROP - Inspection failure (inspect-fail)

WCCP on ASA: few basic questions

Can't ping ASAv after upgrade

Firepower running ASA code using the FXOS API

asa5506W-X AP reimage/reload

FMC/FTD VPN issue

FTD 2130 Ports

SSL Version 2 and 3 Protocol Detection in cisco switches

ASA anyconnect LDAP/BAse DN and client profiles

upgrade software version ASA 5525-X