Network Security

Can you do a debug of TCP sessions in a FWSM?

Hello,Is there any debug or show command to see when the tcp connections are opened or closed in an FWSM? I know that in the current versions of ASA for this you can do a "debug tcp", but there is any command on the FWSM to do something like this?Tha...

PIX 515E Memory usage increase to 100%

Hi allNow I have the big problem with my PIX 515E which run on ios 7.2(2) and 128MB memory. When it has started, memory usage is about 46% and it increase 0.1 - 0.5% every 10 minutes to 100% before it down.So have any one can give me the suggestion t...

syslog outside traffic through firewall

I have question as to the best way to perform the task of sending syslog to my logging server on the inside of my network.I have a couple rotuers and a DMZ with some device in it that I need to collect log info from. I have a 5525X connected to exter...

Resolved! Implementing "object-group service"

Running 8.2(3) on an ASA 5510I have created the two following object groups. object-group service gatewayTCP tcp port-object eq 88 port-object eq 135 port-object eq 445 port-object eq ldaps port-object eq 3268 port-object eq 3269object-group service ...

Cisco Nexus 1000V - DMZ - ARP

Hi there,Thanks for reading.I have a VM (VM1) connected to a Nexus 1000V distributed switch. The 1000V has a connection to our DMZ (physically, an interface on our Cisco ASA 5520) which has 3 other VMs that are successfully serving up in the DMZ. The...

NAT Issues continue with ASA 5510

I am still having access issues when using NAT on my ASA 5510. I think it is due to the way I have my ASA setup and the usage of PAT and NAT. I am not sure of the differences in them as of yet, but because I have routers behind my ASA, it seems to me...

Resolved! ASA 5505 DMZ for Wireless Guest Access

Hello,Here is my delima:I'm deploying an Apple Airport Extreme BaseStation with 7 Airport Express "repeaters" throughout my network/building. The Apple only allows two wireless networks, private and public. Your can only select from 192.168.x.x, 172....

Resolved! Understanding teardown from log

Is the Reset-I always from the device on the higher security level interface (in this case 172.16.112.10/3389?In the second case, what conclusions can be drawn from the teardown information "TCP FINs" - who is it that send the first FIN?I'm strugglig...

Resolved! ASA IPS Test

If my ASA IPS is in promiscous mode, can I demonstrate traffic bloc/drop for any signature?I am sure in inline mode it can be done but is it possible with promiscous mode since in this mode the traffic is only duplicated and sent to IPS.

Changing SSH Max-attempts to 3

What is the correct way now to make set the maximum SSH attempt to 3. All I have found in the new versions (9.0 and above) is the aaa-server max-attempts. Can someone point me in the correct direction?Thanks,Jeff

Resolved! Cisco ASA 8.3+ NAT Based on Internet Source IPs

Hi,I don't think this is possible but want a second opinion on it. The scenario is two Internal LAN/Inside servers with a private IP each.One Public IP on the Outside Interface. The customer wants to use one URL that resolves to the Public IP on 443 ...

ASA 5505 9.1 Correct office Global Access rules via ASDM

Hello Everyone. I am pretty new to this networking stuff so please forgive my ignorance. I have been going thorugh material for days now to try and get up to speed on setting up our small office network which is one job I have been give...

ASA 5510 / Aironet 1140 / Apple iDevices

Good MorningOn Wednesday of last week, I upgraded to IOS version on my ASA 5510 to the latest version. Since this upgrade, I have been having issues with certain wifi clients (Apple iDevices) obtaining IP's via DHCP from the ASA. Nothing changed on t...

Resolved! Cannot connect to other clients in Remote access VPN (ASA)

HiI have a cisco ASA 5510 device configred with remote access VPNI can connect all host on INSIDE and DMZ network, but not able to access other clients connected to same VPN. For example if I have 2 clients connected to VPN, clientA and clientB, with...

how to connect to other clients on remote VPN (ASA)

I have a cisco ASA 5510 device. I have confiured remote access VPN on it.It works fine, i can connect to hosts on INSIDE as well as DMZ, but i cannot connect to other clients that are connected to same VPN.For example i have to clients connected to V...

Network Security

Forum Posts

Can you do a debug of TCP sessions in a FWSM?

PIX 515E Memory usage increase to 100%

syslog outside traffic through firewall

Resolved! Implementing "object-group service"

Cisco Nexus 1000V - DMZ - ARP

NAT Issues continue with ASA 5510

Resolved! ASA 5505 DMZ for Wireless Guest Access

Resolved! Understanding teardown from log

Resolved! ASA IPS Test

Changing SSH Max-attempts to 3

Resolved! Cisco ASA 8.3+ NAT Based on Internet Source IPs

ASA 5505 9.1 Correct office Global Access rules via ASDM

ASA 5510 / Aironet 1140 / Apple iDevices

Resolved! Cannot connect to other clients in Remote access VPN (ASA)

how to connect to other clients on remote VPN (ASA)

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FMC - Failed to install rule update: Another Rule Update running

Hello, I have 3 questions about the FMC CLI, OCSCP and multiple certs

after FTD upgrade from 7.2.5.2 to 7.2.9 all snorts cpu are almost 100%

Hybrid Exchange/ SSL Decryption Error

FMC Unable to Join CSSM On-Prem

Cisco ASA RADIUS for SSH and LOCAL for Serial

9200和9300，通過管理口進行tacacs認證失敗，找不到原因

ASA Static Routing same IP with different subnet masks

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC