I am migrating ubuntu iptables to ASA and since I am not a linux/iptables expert I am having trouble following the nat rules. Can someone hook me up and convert the following for 8.4#$IPTABLES -t nat -A PREROUTING -i eth0 -p tcp -d 216.68.4.12 --dpor...
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(82) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,481) -
Cisco Bugs
(21) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(134) -
Cisco Firepower Device Manager (FDM)
(793) -
Cisco Firepower Management Center (FMC)
(2,865) -
Cisco Firepower Threat Defense (FTD)
(3,097) -
Cisco Press Cafe
(1) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(39) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(30) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(255) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(20) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,565) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(314) -
MPLS
(1) -
Multicloud Defense
(1) -
Network Management
(87) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,544) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,756) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(23) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(2) -
Security Management
(615) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(5) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(39) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous « Previous
- Next » Next »
Forum Posts
Hello,I have two identical ASA 5510's with SSM-10 IPS modules. One of the SSM-10 modules is licensed, one is not. Can I move the licensed module (currently installed in the secondary ASA) to the other ASA 5510 (Primary) without causing a problem?Tha...
This is my first hands on with a newer ASA, in this case a 5515-X. Also the first time I'm doing a greenfield config with the post 8.3/8.4 objects.I can see how the object groups do actually simplify administration, not just for NAT. I've done some t...
I am working on creating some custom signatures. I created one that works really well for the FTP traffic. If some one tries to login as most commonly used default user ID's their connection gets reset. Now that is great. But we have a secure FTP...
Hi,Is there a way to quickly check when the last time access-list counters were cleared in a ASA/FWSM?I know in Cisco IOS we can check from the 'show interface' command when the last time counters were cleared for that interface. Wondering if this is...
After upgrade my ASA IPS sensor to version 7.1(6)E4 I receive this two Alerts every hour:<161>Sep 19 2012 21:23:09: %ASA-1-505013: ASA-SSM-10 Module in slot 1, application reloading "IPS", version "7.1(6)E4" Config Change<161>Sep 19 2012 21:23:09: %A...
Hi.I can't connect to ASDM. ASA closes connection becouse browser doesn't support ssl with DES-CBC-SHA<167>:Nov 16 15:52:41 GST: %ASA-session-7-609001: Built local-host inside:10.1.11.77<167>:Nov 16 15:52:41 GST: %ASA-session-7-609001: Built loc...
I will be working on an ASA5540 and here is what I would like to do. We have 2 separate ISP providers, one 20Mb and the other 20Mb as well but could be moving to 50Mb, and we want to use both circuits all the time and if one circuit fails everything ...
I have a doubt..how ASA failover detects ...1. Hardward failure on primary ASA2. Failover link failure 3. One interface failure on primary ASAFailover will happen on case 1 and 3..How ASA differentiate these conditions.please clarify my doubt.ThanksS...
Hi ThereI am working on a task of redirecting any uncatched http traffic to Symantec public transparent proxy through Cisco ASA. For the definition of uncatched http traffic, we have inbound squid servers for deploying IE proxy pac and redirect the h...
Resolved! IPS and CSM FlexConfig
Can we Flex signatures tuning using CSM? I posted the question 3 days ago on the CSM forum, however, no one has answered it yet?Thanks. Cath.
I dont really get it with NAT overloading on version 8.4.2, it's really confusing.See the following configuration;interface GigabitEthernet0 nameif outside security-level 0 ip address 10.50.0.1 255.255.255.0!interface GigabitEthernet1 nameif inside s...
Resolved! ASA 8.2 security-level default behavior
Hi,I'm trying to implement some best practices for ASA running on Software Release 8.2 and had a question about the default security-level behavior.Let's say I have 3 interfaces...-inside (security-level 100)-dmz (security-level 50)-outside (security...
Lately I've been trying to get a squid server to work with WCCP on our network so that client traffic transparently goes through the proxy. The problem is, having very little experience with squid, I've hit a brick wall and despite spending days sear...
Resolved! ASA and Concurrent Sessions
Hi, I have a question about some of the parameter for the ASA.For example in Cisco ASA 5540 Adaptive Security Appliance Platform Capabilities and Capacities, I see Concurrent Sessions: 400,000Which mean what device can handle 400,000 session and no m...
