Network Security

ASA transparant with Management Interface

Guys,I have a problem, i have ASA which is configured in transparant mode. I have configured ASA with ip management. 10.1.1.1 (which required in ASA transparant mode). I also have interface management which is configured whit ip 172.1.1.1. My topolog...

Remark/Description increasing exponentially in asa 8.2(5) - ASA5550

Remark/Description are increasing exponentially in ASA firewall and it is increasing configuration file size. Also observation is that it is happening for only one access list. Following are some of the remark which are repeating...I try to find out ...

Get statistics information

Dear All,i have been asked to provide statistics information for the ASA usage (bandwidth/top hosts/services)I tried to have a look under the ASDM but i only see possible statistics for the last 24hours...Is it possible to enable them for one month ?...

A wierd observation - Deny IP teardrop fragment

I need help in trying to make sense of the following. My syslog server is full of the following error: Deny IP teardrop fragment. The source addresses resulting in the error are all from my remote MPLS routers. The traffic involved are either netflow...

ASA - Inbound traffic on backup ISP connection

I have a client that has an ASA5520 that has two internet connections, FIOS and Comcast. The ASA is configured to failover from the FIOS to the Comcast if the FIOS fails. This works perfectly fine. However, I was wondering if VPN and other inbound...

CCNP Security

On the new CCNP Security can I take the 642-617 first and what is the expiration date once I pass?

Resolved! Can the IPS send block messages to the router?

Hi All!I was told by an engineer that the IPS sensor can be configured to configure a timed ACL on a router based on IPS alerts it receives (to block a specific IP address for example). Is this true? I did a search but as you can imagine all the resu...

Resolved! ASA 5520: Creating host objects via CLI

I am trying to create host objects that I'll then add to network-object groups for use in ACL/ACEs. When I try to create a host I am having trouble adding the IP address. I'm using the commands as found in guide for CLI on 5500 series:(config) object...

IDSM-2 Recovery

We have IDSM-2 modules in various 6509's, after an signature update the sensor has crashed. A module reboot does not resolve. Recommendation from TAC was to hardware reset the modules and reconfigure from scratch. Can anyone tell how to (or point ...

ASA 8.2(5) NAT Question

I'm sure this has been covered, but I have been unable to find the answer.I am in the testing phase of a project that will replace another vendor's firewall with an ASA running 8.2(5).Basic topology: Inside, Outside, DMZ1, DMZ2. Everything is operat...

Resolved! ASA 5520: Adding network objects via CLI

Hi (again),I'm working with ASA 5520s. I am trying to figure out how to add network objects via CLI. I know I could easily do it using ASDM, but I like to learn the hardway first. Question: How do I add the subnet mask for a network object when creat...

Rules cisco 877 firewall :-)

Good afternoon everyone.I have a firewall enabled cisco 877 with these rules.Interface Dialer0 IN 10 deny ip 0.0.0.0 0.255.255.255 any 20 deny ip 10.0.0.0 0.255.255.255 any 30 deny ip 127.0.0.0 0.255.255.255 any 40 deny ip 172.16.0.0 0.15...

ASDM 6.3 and ASA 5520

Hello Everyone, and thanks in advance for your time.We are running ASDM 6.3, and this is connecting to our ASA 5520. This morning we logged into the ASDM and the device list on the left side, was partially empty, it only contained the IP address to o...

Timeout for IDM/IME/CLI

Hi,Anyone know the session idle time out value for IDM, CLI and IME? I did not find this in the documentation and I have a PCI-DSS audit coming up so this would be nice to know.IPS 4255 - 7.0(6)// Mikael

Resolved! Nat for outside Traffic

Scenario:- ISP-A ISP-B | | RTR-A RTR-B | | ...

Network Security

Forum Posts

ASA transparant with Management Interface

Remark/Description increasing exponentially in asa 8.2(5) - ASA5550

Get statistics information

A wierd observation - Deny IP teardrop fragment

ASA - Inbound traffic on backup ISP connection

CCNP Security

Resolved! Can the IPS send block messages to the router?

Resolved! ASA 5520: Creating host objects via CLI

IDSM-2 Recovery

ASA 8.2(5) NAT Question

Resolved! ASA 5520: Adding network objects via CLI

Rules cisco 877 firewall :-)

ASDM 6.3 and ASA 5520

Timeout for IDM/IME/CLI

Resolved! Nat for outside Traffic

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?