Network Security

Tacacs-server key working in some Cisco switches for AAA, but not in other switches???

Good day,Has anyone experienced this before? I am using Cisco ACS 5.2. I have a very simple word (no, not cisco ) for my tacacs-server key. I've used the same key within the ACS and on two other Cisco switches, and AAA is working fine between the ...

ASA 5520 Allowing Guest Wireless Network Access to Internal Internet Facing Resources

I have searched the community but have been unable to find another discussion wth this issue, but if anyone knows of another please let me know with a link.We have a Cisco wireless infrastructure in place that includes a guest network with its own su...

Resolved! Configuring CSC-SSM

From what I've been reading about the SSM module is that there is a Base License and a Plus License.The Base license allows the SSM module to do basic antivirus/spyware checking on your network. The PlusLicense allows the Base License, Plus URL Filte...

SIP Traffic issue FWSM

Dear All,I am facing issue for SIP traffic through FWSM. I am receiving SIP traffic on outside interface but not sending to inside interface.Please find the config.Source : 10.1.1.245Destination : 10.2.2.46Port : UDP-5070Configuration:acc...

ASA SYN ACK missing related with a firewall inside a DMZ of another ASA

Hi I have two control point, two firewallthe second one is linked inside one DMZ from the first firewallroute is good and inside the DMZ from first firewall I have servers tooso to be more clear we could call as IP for the DMZ from first firewall, ...

TWO Way NAT in Cisco ASA

Hi,Is it possible to do the two way(I mean both source and destination ) in cisco ASA firewall?RegardsMathew

implement a secondary ISP to ASA 5510

We are in the process of implementing secondary ISP to our ASA firewall and I wondered if anyone else has configured something like this ??We would like to run both ISPs in parallel so we can test until we finally cutover Any help would be greatly ap...

is there a way on the ASA

to create a policy where you can define source destination and have any traffic matching that criteria to NOT generate a syslog entry? basically i have a particular legit traffic pattern where ANY to a particular public web server is generating tens ...

CSM/ASA - No names for Syslog.

Syslogs generated by the ASA are showing a mixture of IP addresses and Names within syslog entries. I would prefer that all the syslog entries show just the IP address as it is easier for our syslog server to inteprete the data. I understand that thi...

Using syslog for monitoring failed login attempts using brute force hacking - pro's and con's

Hello all,just trying to find out the pro's and con's of using a syslog scanning tool (like OAK) to monitor attempts to compromise (brute force) the access to cisco devices.Will a router/switch/ect. fail to send out syslog messages, while under attac...

Cisco IPS SSM20 Vulnerability

Hello, does anyone know if the IPS can be updated to SSH 2? We have conducted scans on the IPS that fail OpenSSH X11 Port Forwarding Session and cannot find a command that will allow us to update to SSH 2. The vulnerability is CVE-2008-1483 and CVE-2...

Resolved! Upgrading ASA cluster from 7.2 to 8.2 any problems known?

Hallowe are going to upgrade our 5580 ASA Cluster from 7.2 to 8.2 and want to do it like this way ( which worked for all 7.x upgrades ) :download asa8.2 Image to primary + secondary Firewallreboot primary ( message come up " mate version ...)reboot s...

CLI command to open ports 80, 443 and 1882

I need top open ports 80, 443 and 1882 to a specific external client (IP address). Can someone help me with the commands for that please?

ASA5505: ARP issues with default route not on same subnet

Hi all,I have some issues with my ASA5505. The ASA is connected to an ADSL modem DLINK dsl-320B. The modem is configured as Half-bridge which means that the modem handle the PPPoA connection and pass the public IP from the ISP to the ASA. The ASA get...

help static nat on ASA5510

Dear Cisco!We have network topology Inside Netwrok (172.168.1.0/27) --- ASA5510----- Outside network (192.168.10.0/24)ASA5510 have: Inside interface: 172.168.1.30/27; outside interface: 192.168.10.254And we config: # object ne...

Network Security

Forum Posts

Tacacs-server key working in some Cisco switches for AAA, but not in other switches???

ASA 5520 Allowing Guest Wireless Network Access to Internal Internet Facing Resources

Resolved! Configuring CSC-SSM

SIP Traffic issue FWSM

ASA SYN ACK missing related with a firewall inside a DMZ of another ASA

TWO Way NAT in Cisco ASA

implement a secondary ISP to ASA 5510

is there a way on the ASA

CSM/ASA - No names for Syslog.

Using syslog for monitoring failed login attempts using brute force hacking - pro's and con's

Cisco IPS SSM20 Vulnerability

Resolved! Upgrading ASA cluster from 7.2 to 8.2 any problems known?

CLI command to open ports 80, 443 and 1882

ASA5505: ARP issues with default route not on same subnet

help static nat on ASA5510

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

How to Modify Content-Security-Policy (CSP) for FTD Remote Access VPN

IPsec session (Phase 2) hang. Cisco Secure Firewall (Firepower)

Questions about network discovery in FTD 7.4.2.2 (build 28) and FMC7.6

Change Syslog Port Cisco FirePower Management Center

CSCwb82223 - Multiple faults for blades 2 on 4115 with 1 SSP installed

ASA 5516X keeps crashing/restarting

FMCv Licensing

FMC 1000 to HA FMC 1600: Upgrade Strategy & CUFA to ISE-PIC Migration

ASA VPN policy based on AD groups

Which license do I need for the PLR process for a FPR 1120