Network Security

PIX ping Internal subnet

I have a network with multiple subnet, when I put the ip adress of pix as a gateway, I can not ping the others IP subnets, the ping to outside is correct, and the ping works in the same subnet. Internet connection works, my need is only permit ping b...

How to NAT to multiple interfaces in 8.3? Best Practice ?

Hi GuysHaving upgraded to 8.3 from 8.2 I and read much about the differences , it seems that 8.3 deals with NAT in a much more managed method.However I am confused on how one would NAT a network object to multiple interfaces? i.e I know yo...

cisco asa cold start

Hello,I have 4 Cisco ASA 5520 devices in our network. One of them did a cold start a few days ago. Only 4 people have access to the device including myself. I dont think any of the 4 people rebooted the ASA. No one was in the server room on that ...

How to allow asymmetric traffic in FWSM

Dear Experts,My FWSM is blocking the return traffic because it retuns from different VLAN than the traffic has been established , which is normal . I would like to enable the FWSM to allow this kind of traffic , do you know how to do it ?? my traffi...

Resolved! Upgraded ASA to 8.4(1)

Hi All,Ive upgraded a ASA to 8.4(1) and now it appears to be completely open.I can ping the outside and everything.Ive put a access-group on the outside and can still ping it.Any ideas?ThanksKev

Resolved! are IP address groups supported on Nexus-5000 and lower models?

While looking at online documentation I see that object-group ip address is explicitly listed as supprted command on Nexus-7000 but on other models documentation is confusing. For example, for Nexus-5000 references to IP address group objects for sou...

NAT Problems in 8.3 when untranslating NATs

Hi Guys I have the following problem Background: Upgrated from 8.2 Cisco ASA 5520 to 8.3. I have drawn a diagram similar to the below that shows a similar network. I have a server that requires access on a number interfaces on the ASA, in 8.2 I have ...

Resolved! "Control transaction cannot be completed at this time" IPS Problem

Hi,Yesterday the module AIP-SSM-20 of the customer for second time in the last 5 month present a error on the sensor and is just the sensor stop the analyzed of packet.When the problem is present you can access the management interface, the interface...

ASA5505-UL-BUN-K9

Is this the correct model of ASA to be able to get DHCP for at least 100 addresses.

Resolved! Problem to Configure Cisco ASA 5505 DMZ

Hello,I'm configuring a Cisco ASA 5505, I configured the INSIDE and OUTSIDE, when configuring the DMZ shows me the following error:"This Licence does not allow configuring more than 2 interface with name if and without a" no forwaded "command on this...

ASA WCCP Redirection

I have three web content filters (SOPHOS) I need to implement and I am looking for a little guidance with WCCP redirection. I only need to redirect http/https traffic to the content filters. From the reading I am doing the ACLs do not support port ...

How much time does 8.2 software have?

I've been reviewing software revisions for the Cisco ASA 5500 family. We have a few clients running 8.2 and the jump to 8.3 will require significant effort to make sure everything translates properly. There are no features in 8.3 that these clients...

ASA Routed to Transparent

Dear Netpro Experts,We have a client who has an ASA 5550 with 8.3 and having 12 different subnets passing traffic without nat. Its running in Routed mode at the moment. Thay have a proposal from their internal team to convert the Firewall into Transp...

ASDM not working with ASA 8.4

hi I have recently upgraded ASA to 8.4 and found that ASDM is not working on it. I tried the latest ASDM version 7.1 still no luck.When I try to access ASA using IE...it just shows " Page can not be displayed "Following is the conf...

ASA 8.2(5)26 - ICMP echo request denied on outside?

Hi,I'm having problem getting ICMP echo monitoring on outside interface to work. I've set: icmp permit host monitoring_station_adress outside but I still get: %ASA-3-313001: Denied ICMP type=8, code=0 from monitoring_station_adress on interface outsi...

Network Security

Forum Posts

PIX ping Internal subnet

How to NAT to multiple interfaces in 8.3? Best Practice ?

cisco asa cold start

How to allow asymmetric traffic in FWSM

Resolved! Upgraded ASA to 8.4(1)

Resolved! are IP address groups supported on Nexus-5000 and lower models?

NAT Problems in 8.3 when untranslating NATs

Resolved! "Control transaction cannot be completed at this time" IPS Problem

ASA5505-UL-BUN-K9

Resolved! Problem to Configure Cisco ASA 5505 DMZ

ASA WCCP Redirection

How much time does 8.2 software have?

ASA Routed to Transparent

ASDM not working with ASA 8.4

ASA 8.2(5)26 - ICMP echo request denied on outside?

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?