Network Security

Resolved! Routing VLAN's internally on ASA 5510

I am currently in pre-production on a firewall and running into some areas where the configuration is beyond my skill level. We have 3 vlans (DATA, VoIP, ISCSI) and need to have the ability to go back and forth between these vlans freely.Upon resear...

Outbound email issue with ESMTP inspection disabled

I have a client that is running an ASA5512-X. When I initially installed it, they were having issues sending out emails. I disabled ESMTP inspection and thought it resolved the issue. Recently, they upgraded to Exchange 2010 and are still having a...

Anyone else notice IPS Signature 1802/0 firing frequently?

We have seen IPS Signature 1802/0-"Ruby on Rails Remote Code Execution Vulnerability" trigger frequently on any webpage with XML with YAML content I'm wondering if anyone else has seen this new signature fire frequently. It looks to me that this sig...

Resolved! Security Context License Requirement - ASA5520

Hi Guys,A simple question - I have ASA 5520s and was wondering what license is required to create multiple (more than default 2) security contexts. The ASA already have ASA 5520 VPN Plus license.Software Version 8.4(1)Thanks.Amit.

remote access vpn going through another firewall segment

Hi,Can i know that when use remote access vpn connect to asa firewall inside interface, after that the remote access vpn is it can connect to another firewall segment , the firewall segment is behind the inside interface?

VLANs ACLs in a 3750 switch stack

Hi all,We have this case :A CISCO 3750-X stack with several VLANs and many ACLs applied to the virtual interfaces. Intervlan routing is on. Connected to this stack are VMware hosts and with about 500 VMs.We started using the ACLs to allow connectivi...

Cisco VPN - DNS Intermittent issue

Hi Guys, One of our client experiencing and intermittent issue with DNS results(Unable to resolve DNS addresses externally) while connected via Cisco VPN.User can connect internal resources fine, intermittent issue accessing external Websites. Ping, ...

Asa Firewall transparent mode allow 3 interface?

Can ASA firewall allow 3 interfaces connected in transparent mode? Can 3 interfaces separate into 3 zone?

Resolved! Routing DMZ <-> INSIDE

Hey together,I have a little problem creating a network infrastucture with an "inside", "dmz" and an "outside" network on my ASA5512-x 8.6(1).I have have clients and servers with the networks 10.0.1.0/24, 10.0.2.0/24 until 10.0.12.0/24 on my inside i...

PIX ping Internal subnet

I have a network with multiple subnet, when I put the ip adress of pix as a gateway, I can not ping the others IP subnets, the ping to outside is correct, and the ping works in the same subnet. Internet connection works, my need is only permit ping b...

How to NAT to multiple interfaces in 8.3? Best Practice ?

Hi GuysHaving upgraded to 8.3 from 8.2 I and read much about the differences , it seems that 8.3 deals with NAT in a much more managed method.However I am confused on how one would NAT a network object to multiple interfaces? i.e I know yo...

cisco asa cold start

Hello,I have 4 Cisco ASA 5520 devices in our network. One of them did a cold start a few days ago. Only 4 people have access to the device including myself. I dont think any of the 4 people rebooted the ASA. No one was in the server room on that ...

How to allow asymmetric traffic in FWSM

Dear Experts,My FWSM is blocking the return traffic because it retuns from different VLAN than the traffic has been established , which is normal . I would like to enable the FWSM to allow this kind of traffic , do you know how to do it ?? my traffi...

Resolved! Upgraded ASA to 8.4(1)

Hi All,Ive upgraded a ASA to 8.4(1) and now it appears to be completely open.I can ping the outside and everything.Ive put a access-group on the outside and can still ping it.Any ideas?ThanksKev

Resolved! are IP address groups supported on Nexus-5000 and lower models?

While looking at online documentation I see that object-group ip address is explicitly listed as supprted command on Nexus-7000 but on other models documentation is confusing. For example, for Nexus-5000 references to IP address group objects for sou...

Network Security

Forum Posts

Resolved! Routing VLAN's internally on ASA 5510

Outbound email issue with ESMTP inspection disabled

Anyone else notice IPS Signature 1802/0 firing frequently?

Resolved! Security Context License Requirement - ASA5520

remote access vpn going through another firewall segment

VLANs ACLs in a 3750 switch stack

Cisco VPN - DNS Intermittent issue

Asa Firewall transparent mode allow 3 interface?

Resolved! Routing DMZ <-> INSIDE

PIX ping Internal subnet

How to NAT to multiple interfaces in 8.3? Best Practice ?

cisco asa cold start

How to allow asymmetric traffic in FWSM

Resolved! Upgraded ASA to 8.4(1)

Resolved! are IP address groups supported on Nexus-5000 and lower models?

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

after FTD upgrade from 7.2.5.2 to 7.2.9 all snorts cpu are almost 100%

FMC Unable to Join CSSM On-Prem

Fixed: "show conn flow-rule qos" gives Syntax Error: Illegal parameter

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

9200和9300，通過管理口進行tacacs認證失敗，找不到原因

ASA Static Routing same IP with different subnet masks

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC

FMC-ASA-SFR compatibility