Network Security

Resolved! user based content filtering on terminal server. can CSC handle this?

Hi all,Can CSC Trend Micro ASA module handle AD user/group based filtering on a multi-user server(eg. MS Terminal, Citrix)?Or is there another solution?Thank'sNorbertSent from Cisco Technical Support iPad App

Cisco CSC Web Filtering and Citrix\Ts users

Hello we need to buy a cisco CSC module for cisco ASA, and we're using Citrix Presentation server and Terminal Server Users, is CSC capable of ahtentitcate transparent the users in citrix (x users are using same IP)?, the CSC uses ntlm for this?, tha...

Resolved! Telnet to ASA from Nei Switch

Hi Everyone.I have ASA connected to Switch.This is outside connection.I was trying to Telnet to ASA from Switch which has outside connection to ASA.I config the commandtelnet 192.168.0.0 255.255.0.0 outsideStill from Switch i am unable to telnet to...

RDP through L2L problems.

Having a strange issue with RDP to an XP machine through a L2L tunnel.Tunnel is between an ASA5505 and ASA5510. Site A 5510, Site B 5505I have a handful of Win7 and XP Dev machines running on ESXi 4.1 within Site A.Site B to Site AI can RDP to all Se...

firewall creating loop in dmz

We have seen ( though very intermittently , once in 3-4 months) that interface utilization on the switches in DMZ touches almost 100%. Here is our rough topology:Netflow collector----firewall---DMZ---edge router(10.1.1.1) fw1 ...

ASA8.2(4) - permit IP option 7

How to configure ASA not to drop packets with ip option 7 (record route)? According to the docs, ip inspect ip option will drop all ip option packets except 0,1,and 20 (EOOL, NOP, or RTRALT):"If an IP header contains additional op...

Disappointed: ASA 8.4 Redundant using Port-channels

So I finally got all our ASAs upgrade to version 8.4 and was all sorts of excited to configure port-channels to our 6500 + SUP7203B switches. I was severally disappointed to discover that I cannot configure two port-channels and have them be members...

ASA5512-X power on after power fail

Hi,I have x2 ASA5512-X in a failover pair.I'm testing power on following power failure.Has anybody done this before?I have a delay of boot on a seemingly random chassis,often one powers up straight away, and the other follows later - but I can't fath...

Resolved! icmp deny any inside on ASA

Hi Everyone,I applied this on ASAicmp deny any insideAfter applying this1>From ASA i can ping the inside interface IPciscoasa# ping 192.168.1.1 *********************************************************************************************Inside Inter...

ASA 5510 cross interface issue

We have a 5510 (8.2) with the following 4 interfaces (security-levels) inside (95), outside(0), dmz(25), and test (95). The dmz network is 10.10.10.0/24 and the outside interface is 40.133.84.69.We have run into a situation where a dmz hosted iRedMa...

Access from server to sftp through Asa

Hi All,I could find the sftp connection established through my Newyork firewall , but the same is not going through the Montreal firewall;Please help us what to do for the setup to work on, TCP outside 65.207.115.36:2200 inside 10.35.17.52:53569, idl...

Resolved! How to generate specific traffic types for testing?

Hi all. Is there a good tool or tools (Windows-based) for generating and testing traffic through specific ports to a remote host? I know what I am asking for but not sure how to put it into the right words, so here' s an example. Normally in a situ...

Resolved! What's wrong with this firewall config? (Basic setup)

I've got a single router (IOS 15.0), 1 inside interface (vlan1) and one outside int, gig0. Using Zone-based firewall. Router has NAT, using a static entry as follows: ip nat inside source static tcp 192.168.5.150 3389 <my external ip> 35411 extenda...

ASA find out allowed ports

Hi Security Experts,Is there a way we can find out on what all ports is the Cisco ASA allowing/dropping connections between two hosts (each host on a different interface on firewall). I am interested in finding out what all requests come from one hos...

Resolved! ASA 5510 with IPS module

HelloI have a couple of ASA 5510 firewalls configured and working. I'm now charged with configuring the IPS modules. I'm having to do this remotely. Since the IPS module hasn't been configured I'm guessing it's on 192.168.1.2 with the default user...

Network Security

Forum Posts

Resolved! user based content filtering on terminal server. can CSC handle this?

Cisco CSC Web Filtering and Citrix\Ts users

Resolved! Telnet to ASA from Nei Switch

RDP through L2L problems.

firewall creating loop in dmz

ASA8.2(4) - permit IP option 7

Disappointed: ASA 8.4 Redundant using Port-channels

ASA5512-X power on after power fail

Resolved! icmp deny any inside on ASA

ASA 5510 cross interface issue

Access from server to sftp through Asa

Resolved! How to generate specific traffic types for testing?

Resolved! What's wrong with this firewall config? (Basic setup)

ASA find out allowed ports

Resolved! ASA 5510 with IPS module

Hearty congratulations to the December Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

FTD manger by FDM and RADIUS authorize-only

Anyconnect on Cisco 886 not working

Change IP address of FMC HA standby node

FTD Multi-Instance Data and Data-Sharing Interface

Firepower integration with Openldap

AIP SSC-5 signature updates

Config ASA for outgoing emails from exchange server inside

FTD 7.0.5 export Certificate of Device Identity

"logging monitor debugging, logging buffered debugging..."

Firepower denying packets due to wrong category