Network Security

Resolved! Installing aip ssc-5 in a failover pair

Hi,I have a pair of aip ssc-5's that needs to be installed in a pair of failover pair of 5505's. I wonder what the right process is, minimizing downtime. Will there be problems if I take the passive node down, install the aip ssc-5 and boot it up, be...

ASA 5505 (9.1.1) & Comcast Business Cable stops passing traffic

HiI am trying to determine why Comcast Business Class modem configured with a static IP (IPV4) works with a laptop or Linksys Cable modem but not with a Cisco ASA 5505. After a few minutes, the 5505 stop passing web traffic. I am able to ping the def...

Resolved! SHH Sessions in Syslog

I have a 2620xm router with SSH for authentication/access......I monitor the router with Syslog Watcher.....I keep getting messages in syslog that a SSH session from my workstation has been started and then terminated when I am not accessing the rout...

Resolved! Active-Active Failover Error

hi all,i'm trying to create an active-active failover scenario in GNS3 and encountered this error: ASA1/admin(config)# interface GigabitEthernet0.1ASA1/admin(config-if)# nameif insideERROR: VLAN must be configured for interface GigabitEthernet0.1i've...

PCI compliance question

There is some disagreement among members of my IT staff over a PCI-compliance scenario.I have two networks connected through an intermediate corporate network. One of the networks resides behind a firewall (FWSM) and a F5 with a layer 7 firewall. Cli...

Migrating stateful interface

Hi, I have a customer that has a pair of firewalls connected using a separate Stateful and Failover interface. I would like to amalgamate the two together. Would there by any impact with moving the Stateful interface onto the failover interface? I...

Resolved! IPS software module management

Is it posible to manage (over IP) IPS software module (ASA5555-X) in a different way than through ASA management interface or I have to use mgmt int if I want to use IPS?

ASA Management port with different route

Hi,I have some ASA 5510 in under setup now. I got some problem and I would like to connect the Management0/0 to Interenet but it will not same is subnet of "outside" interface. What should I do. Following is my part of interface setup:------------...

asa 5505 dual isp loadbalancing with router

Hello,My current network is like, have 2 ISP that is directly terminated on asa 5505 , on that Site-to-Site VPN is already working with vpn failover with both isp through sla monitoring. My requirement is loadbalace with both ISP traffic should pass ...

Resolved! NAT question with sw 9.1

Hi, this is probably a simple NAT question but I can't find answer.From my inside interface with security level 100, I can access servers on the dmz interface with security level 50.But if I publish a server on the dmz interface to outside, i can no ...

cisco asa 5520 version8.4(2) ---static PAT unreachable，why

I config static pat at asa 5520 but static pat unreachable ，why？ciscoasa# show run: Saved:ASA Version 8.4(2) !!interface GigabitEthernet0nameif Insidesecurity-level 100ip address 12.1.1.2 255.255.255.0 !interface GigabitEthernet1nameif Outsidesecurit...

Resolved! ZBFW "SIP Protocol Violations"

We have a site that is experiencing SIP Protocol Violation errors from the Zone-Based Firewall Policy configuration. Here is a little bit of info about the site design and some logs desplaying this particular error:-remote site connected to central s...

Site to Site VPN between ASA5510 and Sonicwall TZ200

Hi,I have setup a site to site VPN between Cisco asa5510 and Sonicwall tz200, the tunnel established successfully, but there is no traffice crossing tunnel. everythi is ok on the Sonicwall side, but asa is somehow blocking all the inbound a...

Can we Have CWS & IPS on the Same Appliance 5500-X Series Firewall

Dear All,I have a doubt regarding Cisco ASA 5500-X Series Firewall.Can we Have CWS or AVC/Web & IPS on the Same Appliance 5500-X Series Firewall ?Regarrds,Sahib

Resolved! DST-NAT Query

Hi Experts,Given a scenario where I have a hosts say 10.1.1.0/24 on the inside interface of the ASA (code 8.3 above), and a DMZ proxy with IP say 192.168.1.1 and an outside interface as usual, if I create the below manual nat statement, will traffic ...

Network Security

Forum Posts

Resolved! Installing aip ssc-5 in a failover pair

ASA 5505 (9.1.1) & Comcast Business Cable stops passing traffic

Resolved! SHH Sessions in Syslog

Resolved! Active-Active Failover Error

PCI compliance question

Migrating stateful interface

Resolved! IPS software module management

ASA Management port with different route

asa 5505 dual isp loadbalancing with router

Resolved! NAT question with sw 9.1

cisco asa 5520 version8.4(2) ---static PAT unreachable，why

Resolved! ZBFW "SIP Protocol Violations"

Site to Site VPN between ASA5510 and Sonicwall TZ200

Can we Have CWS & IPS on the Same Appliance 5500-X Series Firewall

Resolved! DST-NAT Query

Cisco FTD/FMC IPsec Tunnels: “Up” Doesn’t Always Mean Working

Cyber Vision Sensor version

FTD 7.2.5.1 → 7.6.2 Upgrade sftunnel TLS Failure — Certificate Mismatc

Suppress Closed Responses on Non Existent TCP/UDP Ports

FMC Upgrade to > 7.4 || 7.6

Cisco official documentation to disable TLS 1.0 and TLS 1.1 on ASA

Network Design: New Collab Lab + Home Cloud/ Wifi

FTD AnyConnect RADIUS Authentication Issue Through IPsec Tunnel

Cisco FTD Evaluation Mode

Deployment is failing due to the policy changes report request in prog