Network Security

ASA syslogs software

I need a software to capture my ASA syslogs.currently I am using kiwi syslog, but there is a limit to what it can do.I cannot customize what I want to search and there is no function to create reports based on the syslogs.is there any other syslog so...

RDP Access-List

Dear Experts,Just want to ask you if can i permit RDP connection to AD Server but at the same time deny all outgoing traffics from such server - if I am connected through RDP ?Example :AD : 192.168.0.100Exchange : 192.168.0.200If someone connects to...

Resolved! Latest signature package (pkg) for IPS

Hello,Really need a hand to understand what the .pkg files are doing?I have download a latest signature package - IOS-S573-CLI.pkgI copied it to flash on a test router and I can access it via SDMI have setup my router and put in all the config for IP...

NATing to an FTP on DMZ

HiPlease please please can someone help. I have an FTP server running on my DMZ. I can access it fine from another computer on the DMZ and am trying to open it up so I can conect via the 'net. After spending hours with google I have got as far as ...

ASA5510 routing configuration ?

Hello,I try to setup a ASA5510, but without success.Actually, I have Cisco1800(192.168.96.1/21) from my ISP connected to a cisco 3825 (via port with IP 192.168.96.2) all is working good.Now I want to insert a asa firewall between ISP router and 3825....

Resolved! port forwarders

Hi,I've been asked to look at an ASA that is having issues. I don't recall seeing port forwarders in flash before. Is this legit or some kind of hack?sh flash--#-- --length-- -----date/time------ path 114 14635008 May 02 2011 00:59:32 asa803...

Resolved! Is it possible to apply a security policy based on domain names as apposed to IP address/ranges on an ASA5505/ASA5510. I have been told this is impossible, but just incase anyone has found anything new?

We have a requirement for a WSUS server to receive updates which sits behind a ASA5505/ and in some cases ASA5510. I understand to enable this to happen the WSUS server needs to communicate with many DNS names and therefore there are many potential ...

asdm 6.4(3) strange display

We have a 5510 running 8.4(2) and ASDM 6.4(3) and I don't see the nonat statements above the translated statements after upgrading from 8.4(1) to fix an ssh issue. They are there in the CLI, and I added one more, then exited and brought it back up ne...

NAT Processing Query - PIX 6.3

Hi All,I have a query regarding order of NAT processing with the following configuration (as an example):nameif ethernet1 inside security100 nameif ethernet2 dmz1 security50nat (inside) 0 0.0.0.0 0.0.0.0static (inside,dmz1) 192.168.0.0 192.168.0.0 ne...

Revisiting basics in interface configuration

I have an ASA5520 (8.2 version of firmware) whose physical ports are all taken. I want to add a subinterface, but I believe I have set it up incorrectly:interface GigabitEthernet0/0description Ethernet to 2800 router (internet gateway)speed 1000duple...

Resolved! FWSM and ACE s/w compatibility

We have a pair of 6500s with Sup720 running 12.2(33)SXI3. Each has an ACE-20 (s/w A2(2.0)) and FWSM (s/w v3.2(15)). We have reached a limit on the number of rules we can configure on the FWSM, and have determined that we shall upgrade to 4.1(5), with...

Resolved! Error message when failover from standby to active in ASA5585

Hi all!I have two ASA in failover with Active/standby configuration. When I switch from standby to active from the standby ASA I get a lot (like 100) of error messages like these below:asa5585/sec/stby# failover activetransport_gport: ERROR - UDP inv...

Help with NAT configuration on ASA

I have a current ASA (5540, 8.3(2)) that is running in routedmode, doing a VPN endpoint as well as a wirewall for anotherinside network. They use the single public IP addressthat is on the outside interface, which carries thedefault route.I want to ...

How to design Remote access VPN with IPS Module on ASA 5505

Hi All,I am proposing Remote access VPN solution to my client as per the attached diagram. However they are required IPS solution as well.So in this case i dont think i can implement the IPS with outside interface in inline mode because of the encryp...

Cisco ASA and X-Forwarded-For header

Hi all,We have an ASA Version 8.0(5)19 as our firewall.We are trying an cloud service on the internet and found that the ASA is removing the X-Forwarded-For on the header on the surf traffic.Is it posible to not remove the X-Forwarded-For in ASA?Reg...

Network Security

Forum Posts

ASA syslogs software

RDP Access-List

Resolved! Latest signature package (pkg) for IPS

NATing to an FTP on DMZ

ASA5510 routing configuration ?

Resolved! port forwarders

Resolved! Is it possible to apply a security policy based on domain names as apposed to IP address/ranges on an ASA5505/ASA5510. I have been told this is impossible, but just incase anyone has found anything new?

asdm 6.4(3) strange display

NAT Processing Query - PIX 6.3

Revisiting basics in interface configuration

Resolved! FWSM and ACE s/w compatibility

Resolved! Error message when failover from standby to active in ASA5585

Help with NAT configuration on ASA

How to design Remote access VPN with IPS Module on ASA 5505

Cisco ASA and X-Forwarded-For header

ACME on ASA

Reuse Object Group in a single ACL line

CSCwm49782 - enhance sma 2nd cruz heartbeat logging

Security Intelligence feed/list change alerts

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Snort3 rate filter

PBR with AnyConnect

FMC: Automatic renew certificates?

Finding the forgotten IP address of a Cisco PIX 506E

Nexus using sha256 authentication for NTP