Network Security

HiSince I swapped a Pix Firewall for a Cisco ASA 5505 Firewall at one of our Sites the VPN Tunnel wont come upI'm getting this:asaXXXXX# sho crypto isakmp sa   Active SA: 1    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)Tot...

I have one application that need to be allowed from IP address that belong to India and rest should be restricted.This can be done using the ACL but we would like to know is there any other way to do so. Like most of web servers take the IP address d...

I just got to work with a ASA in production having 8.x OS and I saw some strange thing . DMZ is assigned 70 security level while outside is 0 , while doing packet-tracer from DMZ to Outside ip it gives me a drop by ACL message ( tcp / icmp ) while it...

I have a Cisco ASA 5505 that has been configured to act as a router as  well.  I have configured 3 VLANS that have access to the internet.  For  some reason the "InsideWifi" and the "Guest" VLANS have very slow  internet speeds and sometime web pages...

I'm experiencing a rather strange issue that has me stumped.We are running an FWSM on a 6509 with a SUP720. Firmware 3.2(18), in MultiContext Routed Mode, with shared MSFC.Everything runs fine on this baby most of them time, however occasionally with...

My VPN users are able to access IPV4 resources, but not IPV6, all of my other user who are not VPN users are able to access everything V4 and V6.  Can anyone help me figure out what I have configured wrong?So my network goes: IPV4 flow = FIOS > ASA55...

Hi all,I am facing a typical issue.I have two router router x and router y.connected to one firewall.For particular  vlan  i have diverted the traffic from firewall to a diffrent router(with a dedicated link for vlan).Just asuume gmail ,hotmail etc a...

I am having touble with a NAT concept. What I have is a 3rd party software VPN product that basically tunnels encapsulated traffic to/from a server sitting inside the network. Right now this traffic utiluizes a physical interface on the ASA5510, but ...

Hi all,I have a question about NAT behavior on FWSM 4.0. The problem is email server (Company A) cannot connect to email gateway (Company B) on the outside network and it randomly happen. I got this error from server guy "Detail: xlate has blocked th...

There is ASA 5505:- 8.4(2) IOS- FLASH: 128 Mb- DRAM: 256 MbRequirements for 8.4(2) are acomplished: For the ASA 5505, only the Unlimited Hosts license and the Security Plus license with failover enabled require 512 MB; other licenses can use 256 MB.A...

I got myself pretty excited about deploying an ASA 5525X because of the forthcoming product. It would replace our existing ASA 5520 (with IPS). But I heard a rumor that IPS and CX are incompatible in the same unit. Can anyone confirm or deny?Thanks!-...