Network Security

Resolved! ACL allowing internal clients access to outside FTP data on cisco 3750

Hi,I have this ACL on a cisco 3750 for allowing internal clients to access outside FTP servers, and I am concerned about the security hole that the last statement it might create:access-list 111 permit tcp 10.100.111.0 0.0.0.255 gt 1023 any eq ftpa...

How to configure a Cisco Pix 501 (version 6.3) firewall to allow large backups to remote server?

Do you use a exclude command? aaa authentication? permit? or .....? not sure? port 21 is used for ftp and this is how the files will be sent to the remote server. So allow certain programs to access this port, that will be doing the backups? Or cr...

ASA 5510 8.4 Clear DF bit

Hi ppl!Could you help me with DF bit.I looking how i can clean DF bit on my internal interfaces? Any help would be appreciated!

Need quick solution on NAT'g ASA 8.4

Hi Guys,Here is the scenario:Source (Inside) : 10.0.1.5/24 NAT IP: 10.0.1.25/24 (from the same Inside network)Destination, learnt via outside: 192.168.1.32/24 (not directly connected ,three hops away from outside interface of FW)If I initiate a conne...

Resolved! Threat Detection problem

Please help me,I am testing the Cisco ASA by nmap but cisco asa doesn't shun my ip.I have configured the threat detection as following:threat-detection rate dos-drop rate-interval 600 average-rate 100 burst-rate 400threat-detection rate dos-drop rate...

Resolved! nat outside addr to inside at site reached via mpls

We are running asa ios 8.4 and would like to know if it possible to nat an outside addr at site A to an inside addr that is reached via mpls at site B?

Resolved! Can't Access Internal Servers From Behind An ASA 5505

Hi all.I am having some trouble accessing some backup Email (Outlook Web Access) and Citrix servers located behind an ASA 5505 firewall at a remote datacentre. Simply put, when I go to the specific URL (e.g. https://citrixdr.xxx.co.uk) I do not arriv...

Comparison of ASA-CX and normal ASA

Hi all, Is it possible to get some comparison table or document that highlights main advantage of using CX over normal ASAs ?

Resolved! Urgent!!! Need solution on enabling EIGRP on failover ASA pair..

Hi Guys,While advertising network 0.0.0.0 0.0.0.0 in EIGRP on a Cisco ASA failover pair, got the error saying "ERROR: EIGRP cannot be enabled on failover interface". I am unable to configure failover interface as passive interface. Please guide me..I...

traceroute response issues, on ASA5505?

I am having some odd traceroute issues coming from clients behind my ASA5505.ASA Version: 9.1(1)ASDM Version: 7.1(1)52Firewall Mode: RoutedUsing ASDM I have modified the Rule Actions on the default service policy, to inspect ICMP. I have also added...

cisco ime using local proxy server

folksi've a strange process going onime can't connect to any of my sensors and when i run a packet capture it looks like its using an old proxy server i had configured some time agoi've checked that IE isn't configured for a proxy but can't find wher...

Resolved! Default class inspection policy

Hi Everyone,Need to know if default class inspection policy matches the incoming or outging traffic flowing through the ASA?Example when i ping from PC connecting to the ASA to outside world will then it will match icmp traffic entering the ASA th...

Standard Operating Procedure For Cisco Firewall

Hi,i want to ask it is cisco have a SOP about Firewall because i want to create SOP for my company.

Resolved! Trying to pass internet with a Cisco ASA 5505

Hello, I have not been having much success configuring my 5505 for Internet access, and I'm sure there are a few small things I'm missing. At times I believe I got it to the point where I could ping, but still not pass through the Internet traffic...

TCP Hijack - Insight required to investigate

Event ID 1363209060027941200Severity highHost ID XXXX-IPSApplication Name sensorAppEvent Time 04/03/2013 16:56:55Sensor Local Time 04/03/2013 11:26:55Signature ID 3250Signature Sub-ID ...

Network Security

Forum Posts

Resolved! ACL allowing internal clients access to outside FTP data on cisco 3750

How to configure a Cisco Pix 501 (version 6.3) firewall to allow large backups to remote server?

ASA 5510 8.4 Clear DF bit

Need quick solution on NAT'g ASA 8.4

Resolved! Threat Detection problem

Resolved! nat outside addr to inside at site reached via mpls

Resolved! Can't Access Internal Servers From Behind An ASA 5505

Comparison of ASA-CX and normal ASA

Resolved! Urgent!!! Need solution on enabling EIGRP on failover ASA pair..

traceroute response issues, on ASA5505?

cisco ime using local proxy server

Resolved! Default class inspection policy

Standard Operating Procedure For Cisco Firewall

Resolved! Trying to pass internet with a Cisco ASA 5505

TCP Hijack - Insight required to investigate

VPN with Alias on FTD

FMC/FTD remote access user not found using DUO SSO

CSCvr64208 - ASDM launcher v1.9 not applying proxy rules

How changes time zone cisco FTD firewalls UTC to IST

Cisco FTD local login syslog

FMC Security Intelligence - logging only

Firepower 1010 registration

IKEv2 - CVE-2025-20182 - Denial of Service Vulnerability

FTD 7.4.2.2-28 Site to Site VPN Flow is denied by configured rule

No proposal chosen on FMC managed FTDv - any helpful debug commands?