Network Security

Resolved! Got warning message when configuring nat on 8.3 and later

Hi All,I'm configuring the nat on a ASA5525 running on 9.1.2 and got 2 questions, 1. Is the below overlap warning message normal and will not cause any issue? 2. Is there a simple way on 8.3 and later to fulfill the same functionality like 8.2 and ea...

Adding failover ASA back after config changes on "primary" ASA?

I had a working active/passive pair of ASA5510's, and then I had to do a rush firmware upgrade, but didn't have time to do it on the secondary at the same time. Now I have made config changes and upgraded the secondary firmware to be the same, and w...

Which Debug

Hi All,I'd like to see if an ASA is blocking / dropping traffic whenI try to connect to a server. I'm basically getting timeout errors every so often, and want to see if it's the ASA which is in the path of the traffic.What's the best Debug command t...

Resolved! ASA 8.2 multiple nat statements?

Hi,I would like to config "when host X on vlanX goes to a network that is across an ipsec tunnel, for which vlanX network is not in the encryption domains, translate host X address to that of the asa in a network that is part of the crypto domain".In...

Resolved! Combining dynamic l2l peers

Hi,I just managed to completely screw all our tunnels when trying to configure l2l to allow a remote peer with dynamic address to form a tunnel with me.I'm pretty confident that my dyn map kicked in on every tunnel, and then the phase 2 would fail be...

Resolved! A little background on pix, VPN concentrator,ASA

Hi everybody I am just trying to understand how Cisco's security products evolved so I can better understand themThese are some questions I have:1) Before PIX came along, what Cisco product we used and what security features we could implement with...

Resolved! Need help to allow traffic through firewall to DHCP server

Hi Experts,My setup is as belowinside host--> ASA1--Outside interface- layer_ 2_Switch1--outside interface--> ASA2--inside interface-DHCP SERVER.We want that inside host should get ip from subnet 192.168.10.0 /24. This ip pool is configured in DHCP s...

CISCO ASA 5510 Communication between two internal Interfaces

I've been following most of the comments in regarding how to allow communication between two internal networks on a ASA5510 8.2.5But I am still a little confused about to how to set my firewall. I made chages to it and still do not have the desired r...

Resolved! IOS zone based firewall

HI everybody.I have few questions.policy-map type inspect PING class type inspect PING inspect class class-default pass1)What is the order of operation? The" inspect" action will apply only to class " PING" . The action " pass" will be applied to...

ASA-5510 - SIP ACL traffic not working.

I have an ASA with an outside ACL that is configured to allow 208.84.248.95 SIP/5060 to 1x.x.x.46. I show no hits. I added an ACL to do a packet capture, it sees the packet coming into the ASA but not going to the ServProv interface. I see hits o...

portmap translation creation failed for tcp src inside:192.168.91.35/32483 dst dmz4:10.10.7.21/443

Hello all.I am having an issue where clients at remote sites can not access website in our dmz. Any thoughts?Thanks.

Resolved! Cisco ASA 8.4 Inter interface Communication (1)

Hello, I have two ports I want communication between and I feel like it should work but still even pings fail. Below are the relevant entries from the running config. Any idea what I'm missing? Thanks. P.S. (1) Because wouldn't let me post otherwise....

Resolved! Cisco ISA firewall

how to block specific ip address to use facebook and youtube in ciscoISA 500 series firewall?please answer with step by step i am new about it !

Resolved! NAT for multiple ports

Hello Support community,I'm looking to simplify some of the nat commands that I need to use, and I would like to ask, is it possible to map 2 real ports to 2 translated ports using a single nat command? for example, I have a web server in DMZ hosting...

Changing ISP, how would I go about updating the public IP's on ASA

Hello,We have 2 x ASA 5520s in active/standby and we have a block of 30 public IP's that NAT to many servers etc and we use it for our Corp VPN. We are changing ISPs soon and we will be getting a new block of public IPs where do I even start to pl...

Network Security

Forum Posts

Resolved! Got warning message when configuring nat on 8.3 and later

Adding failover ASA back after config changes on "primary" ASA?

Which Debug

Resolved! ASA 8.2 multiple nat statements?

Resolved! Combining dynamic l2l peers

Resolved! A little background on pix, VPN concentrator,ASA

Resolved! Need help to allow traffic through firewall to DHCP server

CISCO ASA 5510 Communication between two internal Interfaces

Resolved! IOS zone based firewall

ASA-5510 - SIP ACL traffic not working.

portmap translation creation failed for tcp src inside:192.168.91.35/32483 dst dmz4:10.10.7.21/443

Resolved! Cisco ASA 8.4 Inter interface Communication (1)

Resolved! Cisco ISA firewall

Resolved! NAT for multiple ports

Changing ISP, how would I go about updating the public IP's on ASA

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

same question, same issue, Intervlan routing not possible at FTD

Migrate from FMC virtual 300 to FMC virtual

FMC Connection Events Export

Technical presentation document for Firepower needed

KDC has no support for encryption type on ASA 9.18(4)22

FTD 3105 : the disk /dev/nvme1n1 is unable to be unlocked or reverted

Stateful Firewall on Cisco Catalyst 9300 Series SwitchesStateful Firew

connetion events in FMC

Cisco FMC strong encryption license code

Cisco FMC 1000 Last Date of Support July 31, 2024