HI Guys I have read many articles but I need a details explanation on what is the difference between drop and deny.Your answers are really appreciated. Thanks!
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(9) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,534) -
Cisco Bugs
(33) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(140) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,165) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(7) -
Cisco Secure Firewall Management Center (FMC)
(42) -
Cisco Secure Firewall Threat Defense (FTD)
(65) -
Cisco Security Cloud Control
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(43) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(258) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(27) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,572) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(2) -
Network Management
(92) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,560) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,772) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(629) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(25) -
VPN and AnyConnect
(1) -
Vulnerability Management
(42) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Dear Sirs I am configuring an ASA5510 before implementing it on my network. I have 1 ISP for internet connected to Outside Interface, a DMZ Interfaces and 2 inside interfaces. One of these inside interfaces is Outside1 will be connected to a router t...
Hi,IS it ASA cisco 5510 desnt support VPN sha-2 ?Can i have the document
I've got a PIX firewall running 6.3(1) and I can't get any traffic to go from Outside to Inside and I can only get icmp traffic to go from Inside to Outside.I've tried to open it up completely so all traffic will flow (will the though to locking it d...
I have a site to site VPN configured. It was working fine until today. Packet tracer says ALLOW all the way through flow creation. However, I cannot ping the devices (where I COULD yesterday). I'm at a loss. To me this indicates a change elsewhere. A...
I have a customer with 2 running 5520's version 8.2(and configs several thousands of lines long)(we're not in a position to upgrade these)The customer has bought 2 new 5525-X with version 8.6(and this can't be downgraded to 8.2)How do I get the 8.2 c...
Hi all,Can anyone explain what is more secure when addressing the outside interface of a firewall in a network diagram?1st option: ISP router: interface 1 (connected to the internet). ...
I'm currently using an FWSM and we are migrating to the ASA with 9.1 code. The nat is WAY different and I have some questions:1) To do a PAT to the outside, is it just object network TEST123 subnet x.x.x.0 255.255.255.0nat (inside,outside) dynamic <...
HiI have two cisco ASA routers & wish to connect them together so that traffic between is permitted with out going outside interface.Two asa are located at in ONE office and two have separate internet connection (ISP) configured. So here is what I di...
Hi All,In my quest to learn Cisco IOS and devices, I need some help in traffic shaping, or access-lists, specifically allowing traffic between internal interfaces on the ASA.I have an ASA 5510:LAN/WAN/DMZ labled ports E0/0 (LAN), E0/1 (WAN), E0/2 (DM...
Hey guys!We've started using the AD Agent a year back or so, and now we've migrated to CDA but we're having some issues.We have 4 domain controllers and they are configured in CDA and show as OK, so all good there.But the ip to username mapping is no...
Hello everyoneI am having some problems trying to set up a simple one-to-one NAT between a public IP and a DMZ server. I've spent a number of hours staring at this problem and I'm hoping one of you can spot whatever I have missed.The ASA has 4 interf...
Hi,Currently I will have an ASA-5525-X in multiple context mode, since this will be at Remote Datacenter, I'm planing to access the solution through an IPSEC tunnel.....Remote-Access tunnel, not an L2L tunnel, I know this was not supported until vers...
Hello all . I can get the current host count running below command . sh local-host connection Detected interface 'outside' as the Internet interface. Host limit applies to all other interfaces.Current host count: 10, towards licensed host limit of: 5...
HiMy background is Wintel servers, but thought I should get to grips with some Cisco networking so brought a second hand ASA 5505 from eBay for home to play with. When it arrived the previous config had not been cleaned down and there was a password ...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 09-19-2025 11:14 AM | ||
| 08-29-2025 08:17 AM | ||
| 07-16-2025 04:21 AM | ||
| 07-06-2025 01:40 PM | ||
| 07-04-2025 01:59 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 1 | |
| 1 |
