Network Security

Resolved! ASA management interfaces

Hi,We have an ASA 5585-X SSP40 that has 2 management ports 0/0 and 0/1.We have 2 Catalyst switches (switch1 and switch2) working as management switches and they carry the management VLAN.I was wondering if we could connect management 0/0 to switch1 a...

ASA in HA

Hi, I have been running cisco ASA 5525 ver 9.1(2) in HA mode, primary is active and secondary is standby.I have configured below ip configuration on inside interface.interface GigabitEthernet0/1 description ####LAN #### nameif inside security-leve...

Multiple service policies on ASA

I created a service policy that uses REGEX expressions to limit access to certain websites on my ASA firewall. I then applied this policy to the interface However, the global policy still exists on the firewall (the default), which, by design affects...

Resolved! switching the IP of the tacacs server -

Hi All I looking to reloacte a tacacs+ server from the inside to the DMZ and therefore the server will be on a new ip range.I will be looking to role out these command using cat tools as I have a lot of switchesthe config on switches is below exist...

URL and Content Filtering in IOS- What is in EOS/EOL?

Hi Everyone,Content Filtering is now in EOS, LINK: http://www.cisco.com/c/en/us/products/security/ios-content-filtering/index.htmlbut, how about URL filtering for cisco IOS?Is it as well in EOS/EOL? To add on that, how do I update the URL filtering p...

Resolved! ASA-Port Question

Hello,I've got internal devices connecting back to one particular server using a strange port. I rebooted the server and now there all connecting to a different port still using a strange protocol.Is there a way to look on the firewall to see if the ...

ASA point-to-point VPN problem

Hi, i have VPN-tunnel up between ASA5512X <-> ASA5512X.There is one laptop also connected to both ASA's LAN-port and ping between these laptops through tunnel success 100%. But when I remove another laptop and replace it -> router device with same IP...

No ACL deny logs for Traffic not matched by Static Object NATs and ACL. Need Help.

I start noticing that I do not see any denied traffic coming in on my ACL. To better explain, lets say I have this config.### Sample Config ###!object network webserverhost 192.168.1.50nat (dmz, outside) static X.X.X.X service tcp www www!access-lis...

Resolved! acl's with wildcard in fqdn

Hello,I am aware that you can set up an acl using a fqdn, but is there a way to set it up using a wildcard. I am trying to set up the acl to give access to a ftp server from "*.example.com". This is on an ASA 5510 on code version 8.4(3). Thanks!

ASA5515-X Clustering

Does the latest software 9.2.2.SMP.ED supports ASA Clustering for the 5515-X?

Running Qualys Connecter via Cron Job Fails

Running a Qualys Connector manually succeeds, but when I try to automate it using cron, I receive the following error: Can't locate SFCheckPreReq.pm in @INC (@INC contains: /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_...

Resolved! ASA question

Hello Forum Device - Cisco ASA 5540 (9) Is it possible to create rules to allow a VPN user to login using his Windows laptop but stop his IPAD? Thanks for the help.

Remote storage feature of Bitvise WinSSHD 6.02 does not work with FireSIGHT System

Bitvise WinSSHD 6.02 is not working with FireSIGHT System. The prior WinSSHD versions are exhibiting the same issue.

Packet that triggered a "dropped" intrusion event reached a target host

Some packets from exploit attempts reach target hosts, although the intrusion events for those attempts show the related packets as dropped.

Resolved! ASA 8.2 NAT Inside to DMZ with port forward

Customer request to use destination NAT and port forwarding to access a server from inside to dmz. The packet tracer shows it is using the Dynamic NAT instead of the static NAT if I use the following command and traffic will fail. (traffic NAT out th...

Network Security

Forum Posts

Resolved! ASA management interfaces

ASA in HA

Multiple service policies on ASA

Resolved! switching the IP of the tacacs server -

URL and Content Filtering in IOS- What is in EOS/EOL?

Resolved! ASA-Port Question

ASA point-to-point VPN problem

No ACL deny logs for Traffic not matched by Static Object NATs and ACL. Need Help.

Resolved! acl's with wildcard in fqdn

ASA5515-X Clustering

Running Qualys Connecter via Cron Job Fails

Resolved! ASA question

Remote storage feature of Bitvise WinSSHD 6.02 does not work with FireSIGHT System

Packet that triggered a "dropped" intrusion event reached a target host

Resolved! ASA 8.2 NAT Inside to DMZ with port forward

Suppress Closed Responses on Non Existent TCP/UDP Ports

FMC Upgrade to > 7.4 || 7.6

(SNA) Changing Actions associated to Rules within Response Mangagement

DHCP on Firepower 1230 with FTD 7.7

Router CGR 2010 Blocks IPs Automatically

ANC correlation error

ASA, Packet Tracer and Activation key

ASA5512X Failover Communication Failure

ASA boot/console logs to file

FMC/FTD 7.6 Exempting Traffic from Packet Capture