Network Security

ASDM no longer launches

Hi,ADSM on our ASA was working last week but today I tried to access ASDM as usual and this time it will not launch. I have the ASDM client on my PC and when I run it from there, it says Unable to launch the device manager. When I try to run the ja...

Spreading users across a NAT pool

Hello,I'm trying to hide an IP range that is allocated to approx 150 users behind a pool of 64 addresses. I'm looking at the following configuration to do this but have a concern:-hostname(config)# object network my-range-objhostname(config-network-o...

Cannot create new Rule on ASA - HELP - HELP

Hello,I'm trying to configure my Cisco ASA firewall to allow outside access to my new webserver which is hosting inside the company network.The number 47 & 48 from image below are my new access rules.From ouside I can ping to it by...

Resolved! DNS response traffic getting dropped

We have a FWSM running 3.2 IOS in a cat 6509Clients and server conducting queries against MS 2003 AD servers running DNS are having problems, and in the syslog I see messages likeDeny inbound UDP from 172.25.59.106/53 to 172.25.55.11/56465 due to DNS...

traffic limit for internet traffic usig ASA 8.2

hi to everyone, i am checking another posts with the same question and use almost the same configurations I am testing limit bandwith using my ASA 8.2,i am trying to limit internet access for certains users , i order to save Bandwith for the importan...

Resolved! ASA and Xlate command

Hi all,ASA is connected to Internet and doing NAT.Which command can tell me my Public IPs used and my Private IPs.Need to confirm is this command sh xlate ?Is there any command that can give info on NAT ? Also what does xlate comma...

Firewall Response is very slow while applying ACL

Hi Friends,A Very funny and peculiar issue i am facing in one of the Firewall recently and i am not sure about the root cause.Here is the Scanerio:I am managing a firewall over remotely in my LAN itself. I started a continous ping to the Firewall IP ...

Cisco ACS 5.2 port 49 not active

Hi Guys,My devices are unable to authenticate with Cisco ACS after I have reboot the ACS system but Radius working fine.I have issue "show ports" from acs console enviroment but i dont see port 49 is active.Any idea?? Thanks..

Clientless vpn issue

I have a issue when i login to to clientless ssl vpn (e.g https://webvpn.cisco.com/+CSCOE+/logon.html ) and i click on terminal servers on the side and then i click on the the terminal server.There is a issue with it connecting using active X , it j...

Resolved! IPS module will not download signature updates.

Hello all,I have a Cisco ASA 5512-X with the IPS module/processor. I am trying to get the device to download signature updates but am encountering problems. I have entered a valid cisco.com user account into the GUI to enable this feature, but the up...

Allow RDP from DMZ to Internal Network Connection

I am currently trying to trouble shooting a connection problem from a RDP server hosted in the DMZ connecting to a exchnage server hosted in the private network.I have an RDP server sitting in a DMZ on the 172.168.x.x network, when a user tries to co...

Resolved! ASA dropping packets

Hi all,I see this in ASA logsASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 0 per second, max configured rate is 10; Current average rate is 22 per second, max configured rate is 5; Cumulative total count is 13472after this i ...

timeout uauth

ASA 8.2(5), uauth absolute timeout is disabled and inactivity timeout is set to 48 hours:timeout xlate 48:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:0...

Resolved! NAT/routing issue from one subinterface to another

I have a customer that sits behind an ASA on Int g0/1.143 (sec-level set to 100).I have another customer that sits behind the same firewall on Int g0/1.156 (sec level = 100 as well).The default gateway for each customer is the ip address on the above...

Unable to allow inbound ICMPv6 on ASA version 9.0(1)

I have upgraded an ASA 5505 to 9.0(1) as I would like to use ipv6 version of dhcprelay. That said, I am unable to obtain a global unicast address but the link-local address is able to communication with the ISP's gateway/DHCP provider which I hope wi...

Network Security

Forum Posts

ASDM no longer launches

Spreading users across a NAT pool

Cannot create new Rule on ASA - HELP - HELP

Resolved! DNS response traffic getting dropped

traffic limit for internet traffic usig ASA 8.2

Resolved! ASA and Xlate command

Firewall Response is very slow while applying ACL

Cisco ACS 5.2 port 49 not active

Clientless vpn issue

Resolved! IPS module will not download signature updates.

Allow RDP from DMZ to Internal Network Connection

Resolved! ASA dropping packets

timeout uauth

Resolved! NAT/routing issue from one subinterface to another

Unable to allow inbound ICMPv6 on ASA version 9.0(1)

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

GeoLocation IP Package Download In 7.4.2 FMC

Cisco FDM High availability

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

CSSM On-Prem with FTD on FMC

Adding an FTD with existing Config to an FMC

Can ASA5555 License transfer to Cisco Firepower 2100 ASA?

ASA to FTD migration

FDM1120 Management Interface IP Address

OSPF Passive interface in FTDs