Network Security

Firewall Migration Tool v7.0.0.1 now live!

Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...

CSM 4.3 folder \mdc\reports\temp

Hi AllMy CSM folder <path to csm>\MDC\reports\temp\ is fairly filled up with some files. Currently 30'001 files with a size of 8.16 GB. The new released SP1 has a fix for this:http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=f...

Resolved! packet tracer showing drop

My firewall is running on 8.2(5)33 version. I am facing a problem where config looks fine, but still firewall is dropping packet (I saw this in packet tracer).I am pasting packet tracer output below. In the final result, it says acl-drop, but ACL is ...

Resolved! RDP access for only outside IP

Hi there,An remote computer should have RDP access to an computer on the inside. So already made some changes to the Cisco Router, and from an outside IP address the inside PC is reachable with the RDP protocol. So that is working fine! But for secur...

ASA smtp and pop3 problem

Hi all !I am new in security and am facing a problem for testing asa 5510 to allow smtp and pop3 both using their standard ports .My first question is that is it necessary to configure NAT if i am using private addresses in my scenario both inside an...

asa 5520 , mem shows 94% and the CPU shows 85%

HiI Have asa 5520 with the code 8.0, the mem shows 94% and the CPU shows 85% , pls ur helpthanksjamil

Help with 3 different Nats on a 1800 firewall

I have a client that has 6 public IP addresses. He needs to use 3 of them. One for workstations which is currently working fine. It is using the default gateway IP. One for a email/web server which has a statis NAT and is also working fine. But ...

Resolved! Routing between two sub interfaces on ASA 5520

I have two virtual interfaces on my ASA 5520:GigabitEthernet0/1.338 172.30.0.81/28GigabitEthernet0/1.345 172.30.0.129/28I have the security levels for both set to 50 and in the ASDM I have checked off "Enable traffic between two or more inter...

Trying to Understand Impact of Policing on Client and Server

Before I implement policing in the ASA, I want to understand the impact of limiting bandwidth on the client and server.Problem – server experiences high CPU when clients download data.OptionsI considered using connection limits within the ASA but The...

Resolved! Cisco 515E 169.154.x.x ip addresses only ? please help

Hello,I have recently bought a Cisco pix 515E firewall primarily to learn from. I have had watchguard firewalls in the past.Powers up ok, link lights up etc... but PC set to DHCP aquires only 169.154.x.x addresses ??Cannot connect, cannot run reset c...

Help with release identification

Hello all!I was looking for a new release for my ASA software. I logged at the site and I found many releases.In the attach I have some doubts, look in red:Why this .ED ???? What is the meaning of???And in "Interim" I have a newest release 844-9. Why...

PIX 515 blocking outbound traffic to certain sites

The problem, in a nutshell: I have a LAN with several linux boxes (Fedora 17, both 32 and 64 bits), as well a a WInXP box. All of these are connected to the same switch, which is connected to the inside port of my PIX 515. For a few sites (mozilla....

Resolved! IPS Manager Express or Cisco Security Manager?

Hello All,We're thinking of buying the IPS licence for the 5512 - which of the above (IPS Manager Express or Cisco Security Manager) is the right tool to read up on for management use? Or can I chose either? If I can chose either, which would you guy...

Resolved! adding failover to active asa

I am adding a failover asa to an a firewall that is already in production. They are both 5510's, they both have the same abount of ram, have the same code versions. Will there be any downtime while adding the secondary in?

Resolved! ASA 8.2(5) enable Netflow

Hi,Running ASA 8.2.(5) with ASDM 6.4(5).When I try to enable netflow on my <default inspection traffic> policy which is global I get a message saying "only inspect rule actions can be specified for the default inspection traffic". As Netflow can onl...

Traceroute Between two ASA

Hey Gents/ladiesWe have a ASA 5505 and a 5510, that we are using site to site..I need to traceroute from the 5505-5510.. From the outside interfaces.. Don't want to do this through the site-to-site.If you know what i mean..I have temporarily added a ...

Network Security

Forum Posts

Firewall Migration Tool v7.0.0.1 now live!

CSM 4.3 folder \mdc\reports\temp

Resolved! packet tracer showing drop

Resolved! RDP access for only outside IP

ASA smtp and pop3 problem

asa 5520 , mem shows 94% and the CPU shows 85%

Help with 3 different Nats on a 1800 firewall

Resolved! Routing between two sub interfaces on ASA 5520

Trying to Understand Impact of Policing on Client and Server

Resolved! Cisco 515E 169.154.x.x ip addresses only ? please help

Help with release identification

PIX 515 blocking outbound traffic to certain sites

Resolved! IPS Manager Express or Cisco Security Manager?

Resolved! adding failover to active asa

Resolved! ASA 8.2(5) enable Netflow

Traceroute Between two ASA

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FTD SSE Connector Service down

Problem with ssl decrypt-resign on Cisco Sefure Firewall

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

Cisco FTD workaround for SSE connector failure stumbled on rights priv

Using FlexConfig to change default command (no sysopt noproxyarp) rule

Trying to enable AnyConnect Alias

EU compliance certificate Firepower 1010 NGFW

Firepower 1010 readiness check stuck at "Please Wait"

OpenSSH regreSSHion vulnerability in FMC