Network Security

NAT Exemption from DMZ to Inside

Hi,I am having ASA 5540 with 3 interface, outside, inside (172.16.1.254) and dmz (172.16.254.254). 1 of my DMZ server (172.16.254.251) needs to access 1 of my inside server which having IP 172.16.1.250).Now 1 way to do this is to add static NAT (to p...

Resolved! replace 1811 router with ASA 5505

Hi, Please see the attachments. I'm trying to come up with the config that would allow me to replace an 1811 router with a ASA 5505.The ASA has a Security Plus license. While there are many unfortunate features of the current network design that c...

Resolved! ASA 5500 from inside to dmz access with private and public address

Hi,My ASA is a simple setup with a dmz, customer don’t have a dns server in the insidenetwork. So I use dns doctoring to access the web server in the dmz withpublic address.static (dmz,inside) 11x.x.xx.ccc 192.168.x.x netmask 255.255.255.255 dnsIf I ...

Going with NAT Exemption!!!!

Hi FolksKindly Have a look to the Attached Diagram The Matter is our 3 sites are connected through MPLS Cloud so that in Site 3 I Dont prefere to go translation to reach the other 2 sites ,and way back...so am thinking to go with NAT Exemption tied ...

ASA Configuration for Internet for the Particular IP Address

Hi,I have Cisco ASA and i configured for the Internet Access for the whole subnet but i need to configure the asa only for particular IP addresses not whole subnet. Can anyone tell me please how to configure?Thanks,

Resolved! CISCO ASA 5520 ASA/ASDM upgrade

I have a CISCO ASA 5520 with ASA version 7.0(8) and ASDM version 5.0(8) I need to upgrade this to ASA Version 8 and ASDM Version 6.I know I am not supposed to upgrade directly to those versions. But do I have to upgrade to each available upgrade firs...

How to select Signatures for IDS/IPS

Hi EveryoneThere are number of signature that are available for use in IDS/IPS and we can select a signature if we want to generate alarm for the signature or not?I want to know what is the basis of selecting which signatures to enable and which sign...

Limiting outbound FTP Traffic

I want to limit the Outbound FTP access from my internet LAN. Is there any way to limit the outbound FTP traffic, also i already have an extended ACL applied on my WAN interface. Please let me know how to limit the traffic .Thanks

asa as dns ?

hiif asa is not acting as dhcp server and clients behind the inside interface of firewall are having static ip add is it possible for the firewall to still assign the dns address considering that those dns servers are external to asa firewall . if ...

Resolved! ASA 5505 dhcpd limit of 32 addresses

Hi,I've noticed there is a limit of 32 addresses with dhcpd. Is that limit higher with the Security Plus license on a 5505?

Resolved! ASA Upgrade

Hello Dears,Below is the Type of Upgrade Support what i have read.I want to upgrade from 8.0.(4) to 8.2.(4) Can i upgrade directly to 8.2.(4) or i have to upgrade first to 8.2.(1). As per the STEP 3 in (Active/Standby Failover Configuration) below w...

QoS on ASA

I have configured!interface Ethernet0/0nameif outsidesecurity-level 0ip address 2xx.2xx.1xx.x 255.255.255.xxx standby 2xx.2xx.1xx.x!interface Ethernet0/1no nameifno security-levelno ip address!interface Ethernet0/1.11vlan 11nameif insidesecurity-leve...

rate limit in ASA

hii have 2 ques for qos featue in firewall. i have gone thru qos guide but was not able to figure out1) how can we control or limit the amount of bandwidth for a single host in both inbound and outbound direction . also if the same IP Address is gett...

Stopping an UDP Flood

Hello,The last week i have had a lot of UDP Flood attacks. I can't seem to figure out how i can stop them with my cisco asa 5505.The ports are all closed to the internal IP address (firewall is in transparent mode) accept for a view desired ports, bu...

2821 Router Config to ASA5510

Hello, but how would this router config be implemented on an ASA5510 8.3 version.ip nat inside source static tcp 172.18.10.84 3779 75.112.144.39 3779 extendable

Network Security

Forum Posts

NAT Exemption from DMZ to Inside

Resolved! replace 1811 router with ASA 5505

Resolved! ASA 5500 from inside to dmz access with private and public address

Going with NAT Exemption!!!!

ASA Configuration for Internet for the Particular IP Address

Resolved! CISCO ASA 5520 ASA/ASDM upgrade

How to select Signatures for IDS/IPS

Limiting outbound FTP Traffic

asa as dns ?

Resolved! ASA 5505 dhcpd limit of 32 addresses

Resolved! ASA Upgrade

QoS on ASA

rate limit in ASA

Stopping an UDP Flood

2821 Router Config to ASA5510

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Cisco managed applications in Firepower

FMCv 7.6 Policy Printing

CSCwn22565 - ERROR: cannot set default route for broadcast packets.

FTD Pre-filter blocking WCCP

SIP traffic not functioning as expected following migration

Cisco ASA 5540 Upgrade

Firepower1120 reimage to ASA

SVIs on FTD or not?

URL addresses get my domain added

How to delete hundreds of Unused lines - ASA