Network Security

ASA Failover

Can I know what is the difference between commands "Failover Lan" and "Failover Link". Which one enables stateful failover

Second public IP NAT translate on ASA 5512-x

Good morning,I will show you my config first for quick understanding Cisco ASA: 192.168.1.1Inside network: 192.168.2.*Cisco ASA 5512-X with WAN IP configured on the WAN Port. We have 5 public IP addresses from our ISP (let's say for example 10.10.10....

Urgent need for C6500-fpd-pkg.151-1.sy1.pkg

Hi everybody,Problem: I've recently got a new C6506E along with an ASASM for a client. But unfortunately during the boot-up process, the switch powers ASASM down and alerts of a software incompatibility! and it needs a FPD package that doesn't exist...

static nat and service port groups

I need some help with opening ports on my ASA using firmware 9.1.2.I read earlier today that I can create service groups and tie ports to those. But how do I use those instead of using 'object network obj-ExchangeSever-smtp' ? I have the ACL - acce...

Resolved! 5505 VPN and ACL Question

I'm setting up a site-to-site VPN to replace a private MPLS connection at a branch we're going to sell soon (so way cheaper to ditch the fiber and use Comcast).I have a tunnel that is seeming to work fine, but I have a couple technical points that I'...

Resolved! nat rules

I have enabled access rules for certain hosts to permit icmp from the dmz to access the inside interface but it still wont work.I was thinking no nat rules would be necessary, but are they? The security of the inside interface is a higher number than...

Resolved! Multiple NAT to network

I am trying to do the following on an ASA 5505 with Security Plus licensing.public IP ASA private IP ASA199.185.3.25 <-------192.168.1.254 ^ |--------192.168.2.254 ^ |-------- 192.1...

Resolved! allow icmp dmz to inside

In asa version 9.x how can I allow icmp (ping) from hosts in the dmz to the inside interface?Thanks.

Installing additional ASA feature licences

We currently have an ASA 5512x failolver pair in production running security plus licences (see below). We recenly purchased 2 Anyconnect Mobility licences and I am tasked with installing them on the appliances. I have redeemed the PAKs accociated ...

SNMP Traps on ASA5585-SSP-IPS10

Hi,I want to configure SNMP trap and Syslog on ASA5585-SSP-IPS10 with 7.x OS.I want to send thos trap or syslog on my SNMP.your help appreciated.

ASA 5512X Transparetn mode

Hi,We have four IP pools, 192.168.1.0/24 to 192.168.4.0/24 total 1024 ipswe have two ISP for broadcasting our ASNWe have configured 2 Cisco 2821 routers and 2 Cisco 3550 L3 Switches in a high availabilty[HSRP and BGP] from the L3 switches we have ...

Cisco ASA5510 Internet Speed Issue

Dear All,We have one Cisco ASA5510 firewall and we terminated 50Mbps leased line into that firewall.We tested the Internet line by directly connecting to my laptop, got 49Mbps download speed and 40Mbps upload speed.After that we connected my laptop t...

ASA 5510 VPN Lan IP allocation - please assist

Hi ALL,We recently had a VPN setup between CompanyA and CompanyBWe’ve had a bit of a shakeup of development servers and the IP address that was configured for the tunnel has changed.Because we can have multiple IP’s that are now initiating requests w...

Resolved! ASA 5510 Proxy ARP two subnets on same interface possible?

Hi allPlease se attached drawing hope you understand it.I have a FrontEnd Firewall (ASA 5510). Outside Interface on this firewall is connected to ISP edge router with a /30 network in between.The FrontEnd Firewalls Inside interface is in a /28 networ...

Problems accessing internal subnet from VPN

I am having an issue and hopefully someone can help. I have a cisco ASA 5510 that acts as our VPN endpoint. We also have a Juniper firewall that acts as our gateway.When a client connects to (VPN 192.168.15.0 subnet) and tries to access our internal ...

Network Security

Forum Posts

ASA Failover

Second public IP NAT translate on ASA 5512-x

Urgent need for C6500-fpd-pkg.151-1.sy1.pkg

static nat and service port groups

Resolved! 5505 VPN and ACL Question

Resolved! nat rules

Resolved! Multiple NAT to network

Resolved! allow icmp dmz to inside

Installing additional ASA feature licences

SNMP Traps on ASA5585-SSP-IPS10

ASA 5512X Transparetn mode

Cisco ASA5510 Internet Speed Issue

ASA 5510 VPN Lan IP allocation - please assist

Resolved! ASA 5510 Proxy ARP two subnets on same interface possible?

Problems accessing internal subnet from VPN

Hearty congratulations to the December Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Change IP address of FMC HA standby node

FTD Multi-Instance Data and Data-Sharing Interface

Firepower integration with Openldap

Adding Clustered node in SNMP manager gives error duplicate name

loug user out by himself

Internal Server Error and Certificate key usage inadequate for attempt

Where to migrate SFR redirect rules on FTD appliance

ASA 9.6 Global Inspect Policy

How to deploy Cisco Firepower Management Center?

Cisco FTD send RST when dropped by Snort / IPS