Network Security

Resolved! SQL Injection detection with IDS/IPS on cisco ASA?

Hi Is it possible to detect or prevent SQL injection attacks using Cisco IDS/ IPS on ASA or with regular expressions?Is there any signature available in IDS/IPS for this? And how effective it is in terms of generating correct alarms?Thanks in advance

How to Disable Telnet on IPS?

To whom it may concern,Good day, I hope your week is going well. I recently discovered that my IPS sensors are listening for and accepting telnet traffic. I looked at the configuration in the CLI, and it is disabled; however, when looking at the li...

DNS Doctoring - specifically DNS TTY rewriting on ASA or PIX or IOS device?

Hi,We've managed to get ourselves into a bind (no pun intended) with DNS TTL values. A little history is required.We use a couple of service providers to run a couple of private intranets with one of the intranets getting some services from the othe...

Connect to internal server via SSH

I have a vendor trying to connect to one of my servers. To this point, he's been able to connect using a specific port. I created an entry in my access list - access-list inbound permit tcp host xxx.xxx.xxx.xxx host 167.21.xxx.xxx eq 397. He was...

Resolved! How to open port for a single IP

HI , I want to give sVN access to a remote client. So I need to give access only his IP. Please suggest what will be the access list.. Thanks Amardeep

Resolved! Asterisk Behind ASA with Double NAT issue

Hi, i am unable to register my softphone on Public IP of my DSL modem 86.87.100.106i am forwarding all ports from 86.87.100.106 to Firewall outside subnet 192.168.0.18and then doing static nat of 192.168.0.18 with actual server that is 192.168.165.11...

Resolved! Accessing Exchange Server from DMZ

Good morning, We have a ASA5510 with a webserver in the DMZ network 10.2.2.0/24. We now want this web server to be able to access the Exchange server in the Inside network 10.1.1.0/24. I researched this and it seemed straight forward according the th...

Intrusion prevention AND content security with ASA

Hello, from what i'm reading, with ASA5520-5540 i cant have both at the same time... what is the right way of securing my network with both solutions? Do i put two 5520s "in-line" one with CSC-SSM and another one with AIP-SSM? Thanks!

ASA failover: secondary ASA disabled failover on its own

Hi allI have a failover pair of ASA 5520 (Software Version 8.2(4)4) located in two different data centers.Because of a network issue the layer 2 connection between both locations has been interrupted for a couple of seconds and the ASAs went into spl...

Resolved! ASA NAT Exemption

I'm running ASA software 8.4(2)I've setup the anyconnect VPN system, and it works fine. However, it's NATing to the inside interface of the ASA. How do I do the NAT exclude ?The docs say you *used* to do:access-list no_nat permit ip 192.168.0.0 255.2...

Resolved! Unable to copy to ASA flash

I was trying to upgrade from 8.3.1 to 8.3.2. but I am unable to copy via tftp to the ASA flash or disk0:ASA5520# copy tftp: flash:Address or name of remote host []? 10.88.127.153Source filename []? asa831-k8.binDestination filename [asa831-k8.bin]?Ac...

Resolved! snp_drop_none

Hi,What does this message on the end of the logged line mean?Aug 18 2011 13:16:55: %ASA-6-302014: Teardown TCP connection 37247 for outside:192.168.26.125/3618 to inside:172.26.1.5/18082 duration 0:00:00 bytes 0 <snp_drop_none>ASA 5505 v8.4(2). Thank...

FWSM Problem: Terminating TCP-Proxy Connection Error Message

Hi All,We are receiving an error "%FWSM-5-507001: Terminating TCP-Proxy connection from interface_inside..." in our FWSM 4.0 (12).The RTSP inspection already disabled in the firewall. But the problem still persits. I have captured and analyzed the fi...

ASA 5505 losing outside interface

Hi all, I have a problem where my outside interface stops passing traffic and the only way to resolve the issue is to reload the ASA, the interface never is down it just stops passing traffic.The inside interface never stops allowing traffic to pass ...

Resolved! Add remark using CLI to ASA

Hello,I'm faily new to the CLI world of the ASA. 1.) I've just added an access rule, but how do I add a remark to this access rule? Do I need to find the line it exists on?2.) How do I insert a rule before another using CLI?Thanks

Network Security

Forum Posts

Resolved! SQL Injection detection with IDS/IPS on cisco ASA?

How to Disable Telnet on IPS?

DNS Doctoring - specifically DNS TTY rewriting on ASA or PIX or IOS device?

Connect to internal server via SSH

Resolved! How to open port for a single IP

Resolved! Asterisk Behind ASA with Double NAT issue

Resolved! Accessing Exchange Server from DMZ

Intrusion prevention AND content security with ASA

ASA failover: secondary ASA disabled failover on its own

Resolved! ASA NAT Exemption

Resolved! Unable to copy to ASA flash

Resolved! snp_drop_none

FWSM Problem: Terminating TCP-Proxy Connection Error Message

ASA 5505 losing outside interface

Resolved! Add remark using CLI to ASA

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

key advantages of cisco 1220cx Over fortinet firewalls

How to Modify Content-Security-Policy (CSP) for FTD Remote Access VPN

IPsec session (Phase 2) hang. Cisco Secure Firewall (Firepower)

Change Syslog Port Cisco FirePower Management Center

CSCwb82223 - Multiple faults for blades 2 on 4115 with 1 SSP installed

ASA 5516X keeps crashing/restarting

FMCv Licensing

FMC 1000 to HA FMC 1600: Upgrade Strategy & CUFA to ISE-PIC Migration

ASA VPN policy based on AD groups

Which license do I need for the PLR process for a FPR 1120