Network Security

IOS IPS/IDS on a BGP Peering Router?

We have a pair of BP peerings between our network and our upstream service provider. Since the peering points are geographically distributed and we run a "cold potato" routing policy on our network we cannot guarantee symmetric routing for traffic e...

ASA migration to OSPF from static routes

Hello,I have 2 ASAs (5512-x running 8.6) connected by a VPN that I am attempting to migrate to use OSPF instead of the existing static routes. I already have OSPF working over the VPN. I figured that when I am ready to activate the OSPF routes I wo...

Resolved! Inbound TCP connection denied from x to y

Hi Everyone,Seeing following logs on ASA: Inbound TCP connection denied from x to y flags SYN ACK on interface Net Inbound TCP connection denied from x to y flags ACK on interface NetDoes this mean that there is Asymmetric route or missing ACL?Rega...

can't ping remote networks via GRE tunnels between cisco routers

Hello,i've installed two ASA in two offices, all works well but from ASA inside interface i cant' ping my remote networks.The two sites are connected with GRE/IPsec tunnels. From routers i can ping my remote networks (both sides).I've looked in the f...

Licence for backup ASA5525 in an active/backup concept

Hi!In my current concept I have a ASA5525 with multiple contexts which is licensed for 20 security contexts. Now I want to add a second firewall to create an active/backup szenario.Does the backup firewall also need a license for 20 security context...

Regras - FWSM (NAT Internet)

Galera,Boa tarde!No FWSM quando vou realizar um NAT para que um servidor tenha acesso a internet através do FWSM faço o seguinte:InformaçõesSequencia: SERVIDOR --> FWSM --> INTERNETInterface Internet: TESTERede Interna: 172.30.30.10Interface Externa...

IPS Signatures for Web server

I am having a web servers configured and cisco has a total of 6500 signatures in database . I was wondering if someone has a sample or best practises document which points out specific signatures we should enable for web servers . Once that is done I...

ASA Crypto maps and ASDM

Hello all,I have a number of problems.First, attached are 2 different config files. First one is from a running system that works, FP1-NNTL, however, the crytpo map for the dynamic are not working properly and if I go to add another site-2-site tunn...

Could not locate IDB for interface: gig0/2.40

Hello. I try to configure 2 ASA5525 in Active/Standby mode. I connect both ASAs to my 3750-stack switch through 2Gbps Etherchannel link.I split my Portchannel 1 in few subinterfaces (9, 12 and 52 vlan). Each subinterface have the same mac-address as ...

IPS 4240 boot problem

Hi ,all ips 4240 ， boot screen display this information again and again ， it’s not work when i try to copy a new image to flash card from tftp ， test the flash card is ok ，so what should i do to fix it CISCO SYSTEMS Embedded BIOS Version 1.0(11)...

Resolved! Configure NAT on ASA

Hi Everyone,I need to configure NAT on Cisco ASA 5520 and NAT has to translate inside ip address to outside ip address with a specific range of ports.How can I do it?Regards,Evgenii

simple question

What is the difference in the following:access-list 100 permit tcp any any a.b.c.d 0.0.0.255 w.x.y.z 0.0.0.255 eg 22access-list 100 permit tcp a.b.c.d 0.0.0.255 w.x.y.z 0.0.0.255My question is: does the 1st one allows only ssh traffic?does the 2nd on...

cisco ASA 5520 supports wan link speed in mbps

Cisco ASA5520 supports How many Mbps link speed?

NAT issue routing internet traffic inside.

This issue has been resolved by using Nat (inside) 0 0.0.0.0 0.0.0.0 and removing the static nats. 8/14/2013 I have been tasked with sending internet traffic 80,443, & ftp through the inside interface of this firewall. Internet traffic was o...

Resolved! How to prevent/allow admin access from certain ip address.

Hellotrying to setup the following scenario:have a user BOB created in Cisco ACS 4.2have several network devices with different management IP addresses all added in Cisco ACS 4.2want to be able to allow BOB to access network devices only if BOB's ac...

Network Security

Forum Posts

IOS IPS/IDS on a BGP Peering Router?

ASA migration to OSPF from static routes

Resolved! Inbound TCP connection denied from x to y

can't ping remote networks via GRE tunnels between cisco routers

Licence for backup ASA5525 in an active/backup concept

Regras - FWSM (NAT Internet)

IPS Signatures for Web server

ASA Crypto maps and ASDM

Could not locate IDB for interface: gig0/2.40

IPS 4240 boot problem

Resolved! Configure NAT on ASA

simple question

cisco ASA 5520 supports wan link speed in mbps

NAT issue routing internet traffic inside.

Resolved! How to prevent/allow admin access from certain ip address.

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Configuring OKTA SAML on FTD 7.2.5

Palo Alto to Cisco Migration Tool count_summary error

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

firepower custom URL feed in ACP rule

Need to restore new FTD2100 via locally/FDM with backed up configs?

How to - ASA trustpoints must be manually migrated to the management

FMCv in Azure Hosting Multiple HA Clusters and License

please help me configure TFTP access-list on ASA for device management