Network Security

ASA CX partition not working

Hello experts, I am trying to configure an ASA CX module installed on an ASA5515.I am able to console into the module, use the setup command and I am able to ping the FTP server.As soon as I try to use the command "partition" I get the following: asa...

Resolved! FirePOWER policies on local ASA after adding to FireSIGHT Mgmt Center

Are the settings and policies of a local ASA with FirePOWER wiped out or overridden upon adding the device to be managed by FireSIGHT Management Center? I have an ASA which has been functioning standalone with FP and need to now add it to FireSIGHT D...

Seperate ACL's for Seperate VTY Groups

I am looking into the possibility of applying separate ACL's to separate VTY groups.It sounds theoretically possible, but I do not have a lab to mock it up in to test.The current issue is various tools sucking up VTY resources and not leaving much fo...

Upgrade IOS (PIX) lost license?

Hi guysI wanna upgrade the IOS of my PIX-515E, but I wanna know if I do it my device going to lost the license. Thanks.

FWSM auto ACL resource optimization

Dear Experts , Please can anyone let me know about FWSM ACL optimization & its impact on the FW module in production .Commands :access-list optimization enableshow access-list optimizationcopy optimized-running-config running-config Thanks , Kous...

ASA 5506W-X Wireless Feature

Hi, We have a new ASA 5506W-X with 9.4 system image that I need to configure for Internet, site-to-site vpn, and wireless. The wireless part is new to me and it seems there's no detailed documentation/configuration guide available yet for this ASA mo...

ASA 5510 IOS updated no shared folders on win 2003 server

Very odd issue. We had 1 X 5510 ASA on version 8.3(2) after a power supply burned out we bought 2 more 5510 ASA. Backed up the config from the old 5510 installed the same config on the new ASA and up graded the IOS to 9.16-8-k8. and Set up the fail o...

Resolved! Cut-Through and Direct ASA HTTP Authentication

hi i am trying to test the ASA authentication in my LAB before implementing in real production system amd its not working my lab is to having HTTP server set in the inside network (IIS) and outside network , the IIS server is Static NAT to the out si...

Cisco 2901 with Firewall pack, have NAT and normal routing combined on the same interface?

Dear, I am struggling with a certain project where a kerio winroute software firewall needs to be replaced by a hardware router/firewall.The purchased hardware is a 2901 with K9 firewalling license pack (no experience on cisco routers).It is just rou...

Cisco ASA Proxy TLS 1.2 mutual authentication

Hi, I would like to try to implement the following setup:Server <------> CISCO ASA <----IPSec S2S tunnel----> IPSec Peer <----> Clientthe Client is attempting to establish a TLS1.2 session to the Server.Due to additional constrains, I cannot terminat...

ASA 5585X vs Palo Alto 3020 - differences - help needed understanding

I was hoping to get some clarifications on the ASA technology vs the Palo Alto 3020. Below are the specs from the website for the 3020.Questions1) I believe the ASA 5585X would be right choice/equivalent: ASA5585-S10C10-K9. Correct?2) The ASA doesn'...

Resolved! How to NAT Outside Hosts with Inside Subnet when accessing resource from Outside

Hi,I am trying to figure out how can I NAT the source IP address of Outside hosts in the ASA when they try to access a router located in the Inside network so that I do not have to put a route pointing back for those Outside subnet's in the router. ...

Resolved! IPS UPDATE LICENCE ISSUE

Hi,we recently update the contract to get updates for the IPS, but we are getting the attached error message when we try to get the updates with the cisco username and password that contain the contract.anybody knows about this error?

Port channel at firewall

Hi, I have two ASA firewalls working on fail over, a vPC is configured between firewalls and two nexus switches. vPC is up and port channel is configured. Now I made a virtual interface on firewall as inside interface and assign a vlan id 15 same as ...

ASA 5525 Firmware Upgradtion and Revert(rollback) process

Dear Friendz, Currently we are using ASA 5525 in Active-Standby pair (Firmware - asa922-4-smp-k8.bin) and planning to upgrade the same, aware about the firmware up gradation process but would like to know about rollback (revert or downgrade steps) . ...

Network Security

Forum Posts

ASA CX partition not working

Resolved! FirePOWER policies on local ASA after adding to FireSIGHT Mgmt Center

Seperate ACL's for Seperate VTY Groups

Upgrade IOS (PIX) lost license?

FWSM auto ACL resource optimization

ASA 5506W-X Wireless Feature

ASA 5510 IOS updated no shared folders on win 2003 server

Resolved! Cut-Through and Direct ASA HTTP Authentication

Cisco 2901 with Firewall pack, have NAT and normal routing combined on the same interface?

Cisco ASA Proxy TLS 1.2 mutual authentication

ASA 5585X vs Palo Alto 3020 - differences - help needed understanding

Resolved! How to NAT Outside Hosts with Inside Subnet when accessing resource from Outside

Resolved! IPS UPDATE LICENCE ISSUE

Port channel at firewall

ASA 5525 Firmware Upgradtion and Revert(rollback) process

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application

Disable checking of SIP traffic on FTD via FMC