Network Security

Reverse NAT configuration - ASA 8.4.5

Hello all,I have 2 data centers conencted via WAN and each has their own Internet conenction. One of the site's Internet is close to maximum bandwidth and we want to use the second site's Internet for future connections. The problem is the core swi...

No Nat for VPN traffic

Hi All,I have vlan say 10.0.0.0/24 which is patted with public .With a same vlan i have created site to site vpn with the client But I have not used nonat for the interseting traiic do it work ?

Intermittent Internet Connection and VPN clients can't ping internal LAN but connected after installating cisco ASA5512x

Hi!I wish someone can help me on this, I'm a new guy on cisco firewalls and I'm currently implementing cisco asa 5512x, here are the details:ISP -> Firewall -> Core switch -> Internal LANafter installing the cisco asa and terminating the appropriate...

Customized User in Cisco ASA 5505

How can i create customized user in Cisco ASA 5505 having the following Privileges? note i dont have AAA server.User can only perfrom show runing, ping, traceroute, show xlate.Second Question is, I have review one of the firewall configuration and fo...

What object group a port is in?

The following does not help:ASA# sho run object-g | in 1433port-object eq 1433service-object tcp eq 1433 port-object eq 1433ASA# sho run object-g service | in 1433 port-object eq 1433service-object tcp eq 1433 ASA# sho run object-g | be ...

Static NAT to backend network

I have this setup:outside <-> [ASA] <-> inside (10.21.30.0/23) <-> [router] <-> inside2 (10.21.40.0/23)I added this:static (inside,outside) tcp 1.2.3.180 www 10.21.41.100 www netmask 255.255.255.255access-list main_acl extended permit ip any host 10....

Cisco FWSM - How to check if packets are being dropped on a fwsm interface

Hi,I want to check whether packets are being dropped on a FWSM interface. How to do this? I was reading some Cisco documentation and the 'packets dropped' shown under the interface is not what I thought it meantInterface Vlan100 "backbone", is up, ...

Java - Unable to launch application

The problem: When I try to run ASDM on my Cisco 5550, I'm getting the dialog box "Unable to launch application". When I click on "Details", I see the error: "The application has requested a version of the JRE (1.5+) that is not installed". The system...

Resolved! Move it the NAT order in ASA

Hello,My NAT below is at #135, I'd like to move it up to #100 or which command would you move it up?myasa# sh nat | inc 192.168.1.15135 (inside) to (outside) source static obj-192.168.1.15 obj-78.123.123.15myasa#Thanks.

Resolved! https access from DMZ to Inside on ASA 5505

We have an ASA5505 UL bundel, updated with this license "L-ASA5505-SEC-PL=" to enable traffic from DMZ to Inside. No NAT or rules deployed for that yet.On the Inside we have Exchange 2007 in a single server installation. The public url for smtp, Acti...

PAT with HTTPS

Hi.A customer im working with has an internal server running on SSL port 443. Standard.They want connections to the public facing interface on a non standard port, port address translating through to 443.Its running 8.2(1)so will this work? the serve...

Resolved! ASA behavior

Hello people,so i am setting a lab up and i am trying to go a little deeper on ASA default behavior. As far as i know by default ASA has a default access list permitting Any IP traffic from higher to lower security level interface. Default global ins...

Resolved! Single Sign On AnyConnect ActiveDirectory

Hi,With AnyConnect client, is there a way to avoid having to issue the same Active Directory credentials twice:one to auth AnyConnectone to login to Active DirectoryThanks.

ASA 5505 switch from Mode: access Port to Trunk on the fly via CSM ?

HiCan I configure the Port at the ASA 5050 from Mode: access Port to trunk during the FW is running in a production area without console access ?As I know at the 5505 ist should work sincerley Alfred

restore CSM 4.2 DB to CSM 4.3 DB brand new system - failed

HiRestore CSM 4.2 DB to a brand new CSM 4.3 patch 1 failed I already tried 4 times backkups from the CSM 4.2 system to restore to the new CSM 4.3 patch 1 but all restores failed with : uncommitted data I read the install.guide about pending jobs a...

Network Security

Forum Posts

Reverse NAT configuration - ASA 8.4.5

No Nat for VPN traffic

Intermittent Internet Connection and VPN clients can't ping internal LAN but connected after installating cisco ASA5512x

Customized User in Cisco ASA 5505

What object group a port is in?

Static NAT to backend network

Cisco FWSM - How to check if packets are being dropped on a fwsm interface

Java - Unable to launch application

Resolved! Move it the NAT order in ASA

Resolved! https access from DMZ to Inside on ASA 5505

PAT with HTTPS

Resolved! ASA behavior

Resolved! Single Sign On AnyConnect ActiveDirectory

ASA 5505 switch from Mode: access Port to Trunk on the fly via CSM ?

restore CSM 4.2 DB to CSM 4.3 DB brand new system - failed

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Firepower 1010 Interface config to connect vlans to remote switch

Failover license

Cisco Firepower - icmp thru FW, inside to outside interfaces

FTD Back-to-Back VXLAN

HTTP download stops and gives "Network Error" during FTD Failover

FPR-2110 (ASA-Image): Correct option at image upload?

FTD Firepower 1150 active/standby failover link

Policy Set to block specific IP address after a so many failed logins

Firepower 1120 SSD replacement procedure.

ASAv: ASDM upgrade causes error "Unable to launch device Manager from"