Network Security

After upgrading the ASA cluster of a customer to firmware 9 we can no longer log in to both units with ASDM.It is only possible to login to one unit, the second unit does not accept any username/password combination.The problem is not related to an A...

Good day , I have a 5525-x running Software Version 9.2(2)4 and in multiple mode.I installed the CXSC Module ver9.3.3.2 and set one of my context firewalls to redirect through the CXSC Module.Then I enabled to NG IPS with everything default. Now the ...

So I have a VPN set up, and users are not able to connect to an application server hosted in our DMZ network. The VPN is an ASA 5512x. The server they are not able to connect to is a windchill application server. After a packet trace, they can get to...

I’m trying to implement a whitelist with DNs Inspect in Service Policy Rules. I can do a Blacklist with the sites the users cannot access. But when I try to invert the logic and implement a Whitelist I end up with everything blocked.I create a DNS in...

Hello, I was wondering how http data travels through the firewall enabling Internet browsingwhen port 80 is not open? 

Hi, I'm using Cisco 7206VXR with c7200p-adventerprisek9-mz.152-4.S7.bin IOS image,now i'm trying to configure object-group, in order to minimize my ACL, but i can't use this command else then object-group security?! RTR1(config)#object-group ?  secur...

Hi,Please can some one confirm if the following is posible in ASA 5500 series, Question,Can you configure redundent interface to use as inside interface but in multicontext routed mode. I know you can do it in transparent mode becuse you don't need t...

Hello, I was wondering what the IOS inspect statement does. Does it search for viruses or other intrusionsin packets then drop them, or is just for filtering for statefull data?

hi there. Have been conducting ASA upgrades (8.2 > 9.1) and at the same time doing a tremendous amount of cleanup, e.g. the usual untidy mess of stale objects, obscure undocumented rules, and messy NAT configurationsThere seems to be a school of thou...

Hi Im trying to upgrade a cisco ASA cluster using CSM .Is there a way to do this without any network disruption?I understand from the clustering documents that upgrading a cluster requires me to first upgrade the slave,disable clustering on the maste...

Hi all,I am struggling with an event log analyzer software (Manage Engine Event Log Analyzer) in order to produce meaningful custom reports and avoiding collecting too much data  from a couple of ASA 5500 which wouldn't be processed due to the softwa...

Hi All, Please kindly advise on the below.We have an ASA in production. We are trying to upgrade it. The issue is, we are not able to upload files remotely to ASA. We have both ftp and tftp inspection enabled.Below is the scenario         Inside----A...