Network Security

Resolved! ASA5510 NAT configuration question

Hello friends...I have 30 IP cameras with a private IP address:10.1.1.1 – 10.1.1.30I have a Cisco ASA 5510 firewall.I want to be able to use one public IP address, example, 50.50.50.50With a specific port to go to a different internal camera,Example ...

Upgrading ASA from version 7.x to 8.x

Hi All,I would appreciate if someone can comments, if they have any experience or came across with any issues regarding NATing or ACL setup for NAT ranges after upgrading ASA from version 7.2 to 8.3 or later?At the moment we are planning to upgrade e...

Resolved! What causes an internal IP to "attack" multiple public IPs?

We have had numerous TCP SYN Host Sweeps. Could anyone share what could cause the above? Copy of alert details follow. evIdsAlert: eventId=1216742775473866070 vendor=Cisco severity=informational originator: hostId: ips appName: sensor...

Resolved! Pix 506E - clients http dont see some websites

Hello everyone, I have a problem with PIX 506E that meets the version 6.1, and in an simple computer network equipment seems to behave in strange ways because some web sites do not open or very open slow thereby its operation impracticable. On the ot...

ASA SSH issue

Dear CSC,I just stumbled upon a strange ASA / SSH problem.First of all some specs:ASA 5520 - Active /Standby Multi Context mode running 8.4.3I’ve configured SSH login with local authentication and it works fine if I permit access from anywhere.I want...

Cisco IOS firewall SDM rules issues

Someone out there mu st have had this issue before. we have just configured our 3825 router with the IOS firewall application using the SDM defaults to start with but have hit a few issuses with being able to access webmail applications. we are using...

Resolved! Adding a DMZ on ASA 5505 with Base License

I'm tring to setup a DMZ for a guest wireless off of a 5505. So this device has a base license. It has vlan1 and vlan 2 for inside and outside.Another vlan is configured to be a failover for the currently active wan connection. It is using the "no...

ios firewall vs. asa

We were having a discussion of ios firewall vs. asa for smaller clients(less than 50). On using ios firewall(zbf or cbac)and an asa 5505/5510. One of the arguments brought up on using ios firewall on the router is that a router will do an ip sla fai...

ASA 5505 HA problem - potential licensing issue

I have two ASA 5505's with Security Plus licenses on both.I am trying to force them to becoming an HA pair using active/standby.When I enable failover I get this message:Mate's license (Licensed Cores ) is not compatible with my license (Licensed Cor...

Rule for Allowing Computer Access Microsoft

I have a computer behind the ASA 5505 firewall. The computer needs to access Microsoft Activation Server. Reading some website information, I need to allow a huge list of servers that basically points to www and https traffic. Therefore, looking at t...

ASA 8.4 DMZ cannot get to internet

WE have a DMZ on ASA5510 8.4, it can access anything internal interface but cannot get out to internet or outside interface. I try to ping from a host in the DMZ to 8.8.8.8 and get this in the log6Apr 25 201208:24:431100038.8.8.80172.10.1.1501Routin...

ASA 5550 inside interface hangs

Hi all,Last night, the inside interface on our primary ASA seemed to "hang". It dropped all the packets it received. Because the interface didnt go down, failover didnt happen. Device's info;Cisco Adaptive Security Appliance Software Version 8.2(3)De...

Response from nonexistent IPs

Good afternoon!At my work I'm having an interesting issue. I am trying to map out ip space in certain areas of my network through firewalls and determine what IPs are active and not. The issue I am running into is that when I run NMAP or just a reg...

Resolved! cisco asa 5585 MultiContext !!!!

Hi,Is it possible to have context in transperant mode and routed mode. Means if i need three context then 2 of them is in routed mode and one of them is in transperant mode. If yes then how, i can 't find this info in cisco website.???I am havin 5585...

Static Policy NAT Question

Hi All,I have a query regarding static policy NAT within the following scenario - I have the following simulated setup - 3 customers (CUS#1, CUS#2 and CUS#3)Each customer has a server (CUS1-SRV#1 - 192.168.1.1/24, CUS2-SRV#1 - 192.168.2.1/24 and CUS3...

Network Security

Forum Posts

Resolved! ASA5510 NAT configuration question

Upgrading ASA from version 7.x to 8.x

Resolved! What causes an internal IP to "attack" multiple public IPs?

Resolved! Pix 506E - clients http dont see some websites

ASA SSH issue

Cisco IOS firewall SDM rules issues

Resolved! Adding a DMZ on ASA 5505 with Base License

ios firewall vs. asa

ASA 5505 HA problem - potential licensing issue

Rule for Allowing Computer Access Microsoft

ASA 8.4 DMZ cannot get to internet

ASA 5550 inside interface hangs

Response from nonexistent IPs

Resolved! cisco asa 5585 MultiContext !!!!

Static Policy NAT Question

Reuse Object Group in a single ACL line

CSCwm49782 - enhance sma 2nd cruz heartbeat logging

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCvx25052 - DOC: FTD Syslog messages 43000x missing from FMC

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Cisco ASA 5525 Migration to FPR-1140

Options to NAT to multiple internal servers from internet on FTD?

ACME on ASA

Snort3 rate filter

PBR with AnyConnect