Network Security

I just got to work with a ASA in production having 8.x OS and I saw some strange thing . DMZ is assigned 70 security level while outside is 0 , while doing packet-tracer from DMZ to Outside ip it gives me a drop by ACL message ( tcp / icmp ) while it...

I have a Cisco ASA 5505 that has been configured to act as a router as  well.  I have configured 3 VLANS that have access to the internet.  For  some reason the "InsideWifi" and the "Guest" VLANS have very slow  internet speeds and sometime web pages...

I'm experiencing a rather strange issue that has me stumped.We are running an FWSM on a 6509 with a SUP720. Firmware 3.2(18), in MultiContext Routed Mode, with shared MSFC.Everything runs fine on this baby most of them time, however occasionally with...

My VPN users are able to access IPV4 resources, but not IPV6, all of my other user who are not VPN users are able to access everything V4 and V6.  Can anyone help me figure out what I have configured wrong?So my network goes: IPV4 flow = FIOS > ASA55...

Hi all,I am facing a typical issue.I have two router router x and router y.connected to one firewall.For particular  vlan  i have diverted the traffic from firewall to a diffrent router(with a dedicated link for vlan).Just asuume gmail ,hotmail etc a...

I am having touble with a NAT concept. What I have is a 3rd party software VPN product that basically tunnels encapsulated traffic to/from a server sitting inside the network. Right now this traffic utiluizes a physical interface on the ASA5510, but ...

Hi all,I have a question about NAT behavior on FWSM 4.0. The problem is email server (Company A) cannot connect to email gateway (Company B) on the outside network and it randomly happen. I got this error from server guy "Detail: xlate has blocked th...

There is ASA 5505:- 8.4(2) IOS- FLASH: 128 Mb- DRAM: 256 MbRequirements for 8.4(2) are acomplished: For the ASA 5505, only the Unlimited Hosts license and the Security Plus license with failover enabled require 512 MB; other licenses can use 256 MB.A...

I got myself pretty excited about deploying an ASA 5525X because of the forthcoming product. It would replace our existing ASA 5520 (with IPS). But I heard a rumor that IPS and CX are incompatible in the same unit. Can anyone confirm or deny?Thanks!-...

Good Morning guys,I have an asa 5510 8.2 i have configured IPv4 and this is working fine.I am now trying to add the IPv6 configuration. We have been assigned a public /48 block which i have chopped up to /112 blocks. (dont want to use the eui-64) i h...

I'm getting this in my log buffer off my Cisco 2800 ISR. Seems like a firewall alert and  I've looked it up but, having a hard time really understanding what this really means.Should I be worried about this?Aug  2 18:27:56.380: %FW-4-ALERT_ON: gettin...

Hi Expertswhen y configure ur IPS as IDS , does the 1 sensing interface must be configured with same VLAN as the monitored Portconsider my public interface on my asa connected to switch1 int gig1/1(vlan 5) and the sensing interface connected to switc...

Hi,Is there any way to accomplish this event applet from a router on the ASA? Thanks.event manager applet ClearNAT event track 123 state any action a1 cli command "clear ip nat trans *" action a2 mail server "192.168.1.10" to "coord@cpa.com" from "ad...