Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

“Join

 
Labels

Forum Posts

Hi                   I am trying to ensure that I match the Amazon Web Services config I have been given for a VPN, but I always get the "duplicate first packet" error and it never makes the IKE SA.In looking further into the config, when I see the C...

Hi everyone,We are going through an IA audit and the IA tema would like me to change the SS/SSH kLey strength from the default 1024 to 2048.How can I accomplish this on IPS module in a ASA 5525x firewall? I see where i can regenerate a new key throug...

     Guys this is my first attempt at setting up IPS and I am obviously missing a trick. No matter what IP address I apply to the sensor I cannot attach.I am expecting to be able to attach to the IPS via the FW inside interface. Thanks in advanceASA ...

I have the following rules on my ASACan someone please confirm below.Inisde incoming -  is this not the same as outside incoming why would you use this? Inisde outgoing - any traffic from inside network to internetoutisde incoming - this is anyone fr...

How does a transparent firewall intercept traffic in order to inspect and filter it?  I'm not clear on the physical makeup of the design.  If I have a vlan with some hosts I want to protect and connect the inside and outside interfaces of an ASA to t...

Back when I was using Microsoft ISA I was able to setup rules that would (permanently) block a host exhibiting certain behaviour. I am trying to achieve the same using a Cisco ASA IPS.We have certain special ports open on IP addresses but the common ...

pdeleanu by Level 1
  • 966 Views
  • 3 replies
  • 0 Helpful votes

I'm trying to move my configuration from a Chekcpoint firewall to an ASA 5520 firewall.My problem is related to the rel 8.4(6) NAT features that seems quite different from the Checkpoint format.For example in the Checkpoint firewall I've the followin...

rosarra by Level 1
  • 2910 Views
  • 4 replies
  • 0 Helpful votes

The documentation for Signature 1306 states "This signature will NOT function in promiscuous mode." So if this signature is reported by a device which is running in promiscuous mode, what does that mean? Something is causing it to trigger - so there ...

I have the following configured on an ASA running 9.1(2)object network Webserver Host  10.10.10.1 nat (DMZ,outside) static 208.2.3.4Access-list knock_knock extended permit tcp any object Webserver eq httpAccess-group knock_knock in interface outsideB...

Review Cisco Networking for a $25 gift card