Network Security

Need help on creating FWSM intra-chassis redundancy

hi,Currently we have two inter-chassis FWSM redundancy. I would like to configure them for intra-chassis.Both FWSM's are in slot 7 of 6509 switches and i want to take secondary out from one of the 6509 switch and insert in the slot 3 of primary switc...

Resolved! ASA 5505 DMZ no forwarding

Hi all :I think the ASA5505 I have is in basic license. When I open the third interacse : dmz it must activate No Forward command then can work.Any way to resolve this problem? is it must pay money to buy the license so that can work without No Forwa...

Resolved! SNMP Query for Byspass Status (AIP5)

I'd like to monitor the state of Bypass mode for the ASA-SSC-AIP-5 and would like to know if I can check this with SNMP and if so, which OID.I started messing with SNMP and the SSC5 a while back and started a thread about snmpwalk causing it to crash...

Resolved! Save configuration in ASA 5505

Hi all, I have this issue, I save the configuration in the ASA 5505 using write memory or using copy run start but whe i unplug the power cord and plug it back in the ASA gets its factory default configuration.... then what i do is a copy start run ...

ASA vs. SCTP

Hello,I woulk like to know if ASA 5550 apliance is able to handle SCTP (IP protocol 135) stream in terms of allowing/filtering based on FW rules. We have a problem, though we allowed SCTP IP prot to go through an interface, however I can see that 135...

Resolved! Cisco ZBF & Facetime

Does anyone know how to let facetime going through Cisco ZBF ?It uses a bunch of ports like describled in Apple's KB: http://support.apple.com/kb/HT4245 Now what can I do if I let those protocol going out:class-map type inspect match-any INTERNET-ACC...

Resolved! Access (or Ping) from Inside host to Outside host

Hi all :Attach is my ASA5505 config file.I am trying to ping from my inside host (192.168.1.110) to outside host (192.168.2.5) but could not make it. In fact, the inside is with high security (100) and outside low security (0) and this shoud be no pr...

AIP-SSM update issue

Hi all,I have two ASA5540 firewalls working in active/standby failover. Both have AIP-SSM-40 modules. I have configured the update source for the signatures from cisco .com with my smartnet. The problem is the SSM only on the active firewall is updat...

ASA 5520: Create Network Object for range of hosts?

Hi,I'm new to Cisco Firewalling. I'm migrating our network objects from our current firewall to a new ASA 5520 configuration. I'm using ASDM 6.4 for configuration.We have a range of IP addresses for hosts that we need to add to a firewall rule/ACL. I...

ASA syslog keeps sending to "old" syslog server and reports spoofing after changing the syslog server

Hello,We use multiple ASA 5500/5580 cluster systems running 8.3 software versions Actually we send all our FW syslog data to a SIEM appliance in a DMZ on a remote firewall (non-asa).Recently we suffered a strange incident while implementing a new SI...

ASA 5500 NAT problems with SCTP

Hi all, could anyone help me in this topic?

Can asdm-5505 allow apple bonjour protocol through VPN

Hi Everybody,I am trying to use the apple finder/application to view all my apple mac-mini computers. I do have two asdm-5505 connected via a vpn tunnel.At this point I can view only the computers on the local subnets. I called AppleCare and they ga...

Secondary IP address in ASA5510/PIX515e

Hi All,Just want to know if there is a way to configure secondary IP address on the outside/public interface of ASA/PIX.One of our clients have used most of their IP on the subnet given by their ISP. They use those IP's for staticallymapping to Serve...

PAT question

i have a 192.168.1.0/24 address behind the firewall of an ASA. they only want to translate the half of the /24 address as a routable ip, the rest of the addresses (/25) will not be translated.Would this work as below?global (outside) 1 interfacenat (...

Resolved! ASA 5510 8.4 DMZ question

I have 3 Servers in my DMZ. The Servers can VNC and ping each other fine. From 'inside' I can ping and VNC 2 of them, but not the third. From 'inside' I can access NS2 (172.168.1.12) and WebServer (192.168.1.10)I cannot access NS1 (172.168.1.11) ...

Network Security

Forum Posts

Need help on creating FWSM intra-chassis redundancy

Resolved! ASA 5505 DMZ no forwarding

Resolved! SNMP Query for Byspass Status (AIP5)

Resolved! Save configuration in ASA 5505

ASA vs. SCTP

Resolved! Cisco ZBF & Facetime

Resolved! Access (or Ping) from Inside host to Outside host

AIP-SSM update issue

ASA 5520: Create Network Object for range of hosts?

ASA syslog keeps sending to "old" syslog server and reports spoofing after changing the syslog server

ASA 5500 NAT problems with SCTP

Can asdm-5505 allow apple bonjour protocol through VPN

Secondary IP address in ASA5510/PIX515e

PAT question

Resolved! ASA 5510 8.4 DMZ question

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application

Disable checking of SIP traffic on FTD via FMC