Network Security

CISCO ASA 5505 : How to block a ip doing brute force attack on Remote Desktop ?

Hi all, I have a fixed ip and I am under attack by a brute force / hammering on port 3389 for the Remote Desktop Connection.I want the CISCO 5505 to detect the attack (for example if they try 5 connections in 3 minutes) and then to ban / shun the att...

MPLS Security Design

Hello All,I am trying to get a better idea of how to improve security between my MPLS sites.I currently have 10 MPLS sites sharing a 100 Mb backbone, each location is connected physicallyusing a L3 Switch provided by the Telco. I simply plug that L3 ...

Resolved! ASA NAT/ACL rule

Hello, I have a couple of servers setting in a DMZ, and communications sourced from the internal network are working correctly. When we try to back them up, though, the backup agent on the machine has to initiate the communication, and it fails.Inbou...

Complex NAT and ACL issue with multiple VLANS

Hello Forum. We have about 12 different VLANS behind an ASA 5515-x. One of those vlans contains a webserver and a DNS server (different machines, different IP addresses). ASDM 7.1.3From outside the firewall, people need to be able to get to the webse...

ASA config confusion

First I am new to ASA. Second, I have come across this configuration where 2x5525 ASA's are setup in active standby. But I am little confused how this is setup. For active I am doing ssh to 10.0.0.24 and for standby 10.0.0.23 Both ASA-active and stan...

Help me fight this design

This is easy. I am not being forced to accept an ASA design,, but I have been told about a design that an external vendor wants to dump on my company & I need reasons to fight it before its implmented. You won't believe this but its true. There an AS...

Resolved! Site-To-Site VPN via specific address

Hello all, We need your assistance in helping us construct a tunnel on ASA 5510 to our vendor's servers . We were given a 10-network unique IP address ( to add a level of complexity, we are using the same network on our internal interface, so I am wo...

A/A ASA in data center

Hello Team, I want to deploy two nexus 7K in a data center I want to utilize the VPC feature over my approach in current scenario I have two ASA 5540 in A/A , number of Inside vlans are 32 vlans. I have three questions as per the following:1- How sho...

Resolved! LU Allocated Connection Failed (ASA-3-21005)

My Cisco ASA 5510 failover is reporting the following error message: LU Allocated Connection Failed (ASA-3-21005). If anyone have similar issue and how you fixed. I will be glad and I will appreciate if someone that went trough this help me out to fi...

Resolved! Multiple External IP Addresses

Very new to ASA so please forgive me if this is right out to lunch. We are upgrading from a Juniper box to an ASA 5525-x. We have numerous none sequential external IP addresses that each have their reasons for being there. I can configure a single ad...

Resolved! Can SSH to ASA Outside Interface with Deny ACL on

Hi All,I am able to SSH to my ASA Outside Interface and I'm not permitting this via ACL.See belowaccess-list OUTBOUND_IN extended permit tcp any object TS object-group TS_PORTSaccess-list OUTBOUND_IN extended permit tcp any object TS_1000 object-grou...

ASA inter vlan routing

HelloQuestion, I have an ASA 5505 with one vlan. I have created a DHCP superscope on our Microsoft server 192.168.1.0 192.168.3.254Clients get the right IP however Clients can not communicate between subnets they can ping out to 8.8.8.8 but not goog...

Resolved! NAT / Port Forward

Hi All,I have the following config -object network Server nat (inside,outside) static x.x.x.xaccess-list OUTBOUND_IN extended permit tcp any object Server eq 3389object network Server host 192.168.10.10 Now this allows me to access the "Server" from ...

IP which only allowed for PAT

Hello, I am looking for example which allow some of the IP's belongs to INSIDE which can allow to using PAT method to access Internet. With reference to URLhttp://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/...

Resolved! Cisco ASA5512 RDP

Can you guys take look at this show run and let me know if I have this setup right....I am trying to RDP in from the outside in to a server, 192.168.0.100

Network Security

Forum Posts

CISCO ASA 5505 : How to block a ip doing brute force attack on Remote Desktop ?

MPLS Security Design

Resolved! ASA NAT/ACL rule

Complex NAT and ACL issue with multiple VLANS

ASA config confusion

Help me fight this design

Resolved! Site-To-Site VPN via specific address

A/A ASA in data center

Resolved! LU Allocated Connection Failed (ASA-3-21005)

Resolved! Multiple External IP Addresses

Resolved! Can SSH to ASA Outside Interface with Deny ACL on

ASA inter vlan routing

Resolved! NAT / Port Forward

IP which only allowed for PAT

Resolved! Cisco ASA5512 RDP

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

after FTD upgrade from 7.2.5.2 to 7.2.9 all snorts cpu are almost 100%

FMC Unable to Join CSSM On-Prem

Fixed: "show conn flow-rule qos" gives Syntax Error: Illegal parameter

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

ASA Static Routing same IP with different subnet masks

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC

FMC-ASA-SFR compatibility

FMCv Migration FMC2700