Network Security

I know it is a stupid question.I say the answer is ten.  That means ten hosts can be behind the firewall and hit the internet.  The eleventh doesn't get to go out.I'm being told by a coworker that the "10" in the part number refers to the number of I...

Hello Experts,We have our Production Servers placed at ISP DC where we are using Cisco ASA firewall model 5505 and all the servers placed behind the firewall.The bandwidth we have 100 MBPS and there is no IPS device in between. Since long time, we ha...

I am working on locking down the ASA and I am looking for the commands to set the number of failed authentications before it won't accept login attempts from that host.  I found a single command to set the max times but what about the max duration or...

Hi All,The situation is as follows:I have an interface on the my ASA dedicated for unmanged devices that can get to the internet only.  no access to any other networks behind the ASA. These users want to use our mail server on the network but they us...

Im looking at the IPS modules at the moment that seem to have an ongoing issue of the Analysis Engine crashing. This runs as a process called sensorApp located in /usr/cids/idsroot/bin/When its originally launched it runs without problem using a -z s...

Hello Experts,We  have our Production Servers placed at ISP DC where we are using Cisco  ASA firewall model 5505 and all the servers placed behind the  firewall.The bandwidth we have 100 MBPS and there is no IPS device in  between. Since  long time, ...

Hi,I'm trying to use qos to police traffic where a certain host should not go above 5Mpbs at any time and if the traffic is exceded it should be dropped.I have trying to play around with the below but the host machine can still access the full bandwi...

I feel this is a fairly easy straight forward problem. I have a NAT translation from inside,outside and it's to translate 449 to 443, translation is working great and this is all this public IP is used for. Problem is the device on the other end need...

I've been tasked with converting a Netscreeen fw to ASA 5520. All is well except for some of the fw policy where they have used fqdn for a host in the "untrust" portion of the policy. On the netscreen, you can configure a dns server and it will go ou...

Hi all,this is something not supported by Cisco any more. I would greatly appreciate if someone could advice me on this pleasePIX is in a Cluster as a Temporary solution. After implementing a new  SNMP server, gets SNMP alarm "SNMP GET_NEXT Loop Dete...

Hola a todos!!!Quisiera consultar lo siguiente; estoy configurando un Cisco ASA 5505 (Base Licence), ya tengo configurado el INSIDE, OUTSIDE y el DMZ en el outside he colocado mi IP pública, en el inside he dejado 192.168.1.1 (No he podido cambiarla)...

Hi all.  As I look at the thread headings fo rthe other posts I'm struck by how simple my request must seem I hope this is an easy one!  Using 891W routers, I would like to be able to save the running-config out the WAN port (gig0).  The most common...

HiI want to  make ipsec vpn between ASA and Cisco 877 Router,crypto isakmp and crypto ipsec ACTIVE state its works fine but Cisco 877 can not ping ASA internet interface but can ping behind ASA PC,PC can ping 192.168.2.1 but Cisco877 can ping only be...