I have a DMZ on my firewall. DMZ interface is Sec-Level 50. I want the hosts in this DMZ to have unrestricted internet access, and very controlled access to inside hosts. My question, and I'm sure this has been asked before, is what should my ACL ...
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(86) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,580) -
Cisco Bugs
(39) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(147) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(30) -
Cisco Secure Firewall Management Center (FMC)
(136) -
Cisco Secure Firewall Threat Defense (FTD)
(167) -
Cisco Security Cloud Control
(8) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(263) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(32) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,576) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(322) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(92) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,580) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,777) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(8) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(641) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
First, I have little to no knowledge of firewalls and these types of devices.I did folllow the setup wizard and everything appears to be fine at the completion. However; something is not correct or missing. I have no internet access when connected ...
Resolved! E - outside back connection
Hi Everyone,When i do sh conn i see one connection with flags ESh connection detail shows E - outside back connectionI checked this is connection to ISP Router carrying GRE so need to confirm when we have flag E it always mean that connection is...
Resolved! Static NAT on ASA 9.1
Hello,I have inside host with the ip address of 189.37.122.98.I want to translate this ip address with 212.200.11.100.I create object below object for natUPDATED:object network ob1 host 189.37.122.98nat(inside,outside) static 212.200.11.100Inside IP...
GreetingsWe encountered issues and wondering if anybody had the same or similar issues with this code.We are sending print jobs utilizing TCP 1526/1527 ports from unix to unix server. But for some reason when larger files are being transferred this ...
In ASA 8.2 in single-context routed mode I had multicast stub forwarding working with igmp forward interface outsideon relevant inside interfaces with public-scoped IP addresses (no NAT), plus access rules on the outside interface such as access...
Hi AllI've been banging my head for a day on this one - maybe its really simple but I've looked at it too much!!! I'm running a pair of ASA 5525-X on v9.1(1) of the ASA S/W and 7.1 of ASDMThis is the scenario that I needSERVERA has 3 IP addresses (bo...
host = Windows Server 2003 in DMZ ( 192.168.171.21 )I can ping it from my INSIDE network ( INSIDE = 192.168.172.0 )But I can't connect via UNC pathaccess-list dmz_access_in extended permit ip 192.168.171.21 255.255.255.0 192.168.172.0 255.255.255.0ac...
Hi,I am pretty sure that you can't do this in previous versions and don't think it has changed in version 9.X but though I would check in with the community before righting the idea off completely.We are an ISP that does Managed Services, I am lookin...
I would like to get some thoughts on best practice regarding joining 2 different networks in the same building. 2 different companys 2 different networks, we are merging. Once networks are joined we will trust the windows domains. Both networks are ...
I have a Cisco 5510 with an inside network, outside network and DMZ network.Right now, they are all able to communicate fine. But I have to add a another VLAN to the inside network, and have it be able to communicate with the DMZ and outside network....
Hi ,we have a asa that block some ip dresse with this reason ( Drop-reason:(no-adjacency ) No valid adjacency ) and when i check the log i found this message for the same blocked ip adresse when they try to make dmvpn tunnel wyh the hub .Routing f...
Hi,We have deployed a Cisco NAC Agent in our network with GPO update... The deployment model is L3 OOB / Real IP Gateway.The issue is that, we need to put the IP address in each host manually to start communicating with Cisco NAC Manager.Is there any...
This is what I am seeing on the IDS (lots of these with lots of attackers - but always 0.0.0.0 for victime)evIdsAlert: eventId=6824202298114 vendor=Cisco severity=high alarmTraits=32768 originator: hostId: TAMUK_IPS-9 appName: sensor...
Hi,I heard someone at TAC say that the reason there is a 9.0 code release and a 9.1 code releas--both current versions---for the 5515X is...9.0 is for ASAs without the CX module and 9.1 is for ASAs with the CX module.Then I've heard someone say...don...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 12-31-2025 01:53 AM | ||
| 12-15-2025 09:32 PM | ||
| 12-11-2025 07:27 AM | ||
| 11-13-2025 12:52 PM | ||
| 11-03-2025 09:48 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 5 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |
