Network Security

How to apply Policing on Cisco ASAs with leased lines?

Hi,I'm trying to configure policing and/or shaping on a setup of 2 x ASA 5505 Sec Plus. The units are placed in office A and office B and each have a ISP connection to the internet and a leased line with a capacity of 4/4 Mbit/s for interoffice commu...

Set clock on AIP-SSC-5

How are you supposed to set the clock on the AIP-SSC-5 module?There doesn't seem to be any way to set the clock manually, you have to use NTP. The problem is that the module refuses to set the clock if the time it gets through NTP is more than 1000 s...

port redirection in asa

Hi all, I am practicing some stuff in asa. I have a host on outside network(a router) which IP is 172.16.1.2. My inside host is 10.1.10.2. Now i just want to achieve this1) From inside host, when i telnet 200.2.2.2 on port 2200, it should be redirect...

ASA redundant interface failover time

HelloI have been looking for information on the failover time for a redundant interface. In particular, I am looking at configuring an ASA with two physical interfaces to different routers in a ring running EIGRP. I understand there will be the EIGRP...

Resolved! Defaults ports open on cisco ASA 5520

Hi,Please guide me what are default ports are open on asa 5520 from outside interface (Zero level Security ) to inside interface (Security level 100)Thanking youWith RegardsNil Jos

Resolved! Second IP range on Public interface for NAT'ing

I have a Cisco ASA 5520 (Ver 8.2(4)) with all four interfaces in use (Public, Private, DMZ, Local offices) and an IPS module, so there are no spare interfaces. I have used all of Public IP's on the current interface for various services (these need o...

How to determine which vlans are placed on FWSM?

Hi all,I have some basic questions on firewall/data center design. I have inherited a pair of 6500s containing FWSM modules. All 50+ VLan interfaces are placed on the FWSM and are doing quite a bit of intervlan traffic for the 200+ machines we have o...

ASA blocking

Dear Experts,Iam getting one error on my firewall and how can i fix this problem.Deny udp src MZ:10.242.100.20/49290 dst OUTSIDE:111.93.252.6/53 by access-group "MZ_access_in" [0x0, 0x0]How can fix this problem.please help mesrinivas

Resolved! Link to configuration convertor tool from PIX to ASA

Hi,I have been looking unsuccessfully for the Cisco tool that take the PIX config an dconvert it to ASA (PIX 5125 to ASA 5520). I was wondering if I need that and if its a Yes, where I can find that Tool on the Cisco Site please?Re...

Monthly Report

Hi All,I was asked to generate a monthly report regarding the ASA's firewall.I'm not sure what should be in that report!!Any ideas,suggestions will helpThanks,Omer

ASA - Syslog shows hostname need IP

Hello,I can't figure this out. I am sending logs from one ASA to our syslog server and it displays on the syslog server as the hostname of the ASA, however our other ASA shows its IP, how can I get the first ASA to send its logs and show as its IP a...

Resolved! CBAC Stateful Failover HA: ¿can it be used for three segments?

Hello team.I need to protect three segments (inside, outside, DMZ) with two routers running CBAC and Stateful Failover High Availability. I would like to know if the concept shown with two sample segments (inside, outside) in the documentation (http:...

Monitoring VNC traffic

Anyone know of an area where information on monitoring VNC traffic would be?I have been asked to monitor VNC traffic and the baseline signature I have loadedon devices seems a little lacking in scope....Anyone else looking at this traffic on their ne...

CSC-SSM error

Hi,Although my CSC-SSM module is down, I am stille getting the following error:%ASA-3-421001: TCP|UDP flow from interface_name:IP_address/port to interface_name:IP_address/port is dropped because application has failed. A packet was dropped because ...

Resolved! L-ASA5510-SEC-PL

Guys,I have to ASA 5510 with a base licence. I have 8.4 on both of the firewalls, and would like to configure active/passive.Do I need only one security plus lience or two,This text has been copied from cisco.com:http://www.cisco.com/en/US/prod/colla...

Network Security

Forum Posts

How to apply Policing on Cisco ASAs with leased lines?

Set clock on AIP-SSC-5

port redirection in asa

ASA redundant interface failover time

Resolved! Defaults ports open on cisco ASA 5520

Resolved! Second IP range on Public interface for NAT'ing

How to determine which vlans are placed on FWSM?

ASA blocking

Resolved! Link to configuration convertor tool from PIX to ASA

Monthly Report

ASA - Syslog shows hostname need IP

Resolved! CBAC Stateful Failover HA: ¿can it be used for three segments?

Monitoring VNC traffic

CSC-SSM error

Resolved! L-ASA5510-SEC-PL

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Comcast/Ciena handoff to ASA5506?

Cisco FPR-1010 always boot to FXOS mode

Cisco FTD portscan

ASA-AWS - EC2 IMDSv1 required for the PAYG license to be applied

how are blocking cookie and java be applied in real situation?

Cisco ASA ACL and NAT for RDP through subinterface allow any

is this flow impossible?

DDOS and "Error processing payload: Payload ID: 1"

ASDM unable to login for v7.18(1)152

Logging Informational Configuration in Cisco ASA