Network Security

Resolved! ASA 5505 Security Plus VLAN Sanity Check

Hello,If anyone out there with ASA 5505 Security Plus VLAN experience would help me out, I’d really appreciate it. I’m attempting to plan an implementation on a production 5505, but I don’t have the Security Plus license to try things out in a test l...

Resolved! Cisco ASA wrong logging information's

We have a Cisco ASA 5510 and is running fine. On the ASDM interface the log show the correct source ip address but as destination address we get always the ASA outside IP address instead of the real destination ip address. We try to find a settings o...

Resolved! NAT configuration.

Hello,I need to NAT my internal server and allow traffic to 2 vendor servers on ports 443 and 80. I'm using ASA 5510. Can you please confirm that the following lines are the way to configure this scenario:my internal server's IP: 10.10.10.10/16public...

Resolved! ASA 5510 intervlan routing

Hi, Could you please help to advise? I have issue on my project . I have already setup the ASA 5510 and configured eth0 for outside ( security-level 0) , eth1 for DMZ (security-level 50 ) and eth3 for internal network ( security-level 100 ). I want t...

ASA 5540 duplicate TCP SYN from inside

Dear,I keep getting the following warning from the ASA ASDM syslogDuplicate TCP SYN from inside:192.xx.xx.xx/63993 to outside:xx.xx.xx.xx/25 with different initial sequence number. The client in question sitting on the inside of the ASA is trying to ...

Cisco ACS 4.0 EAP-TLS machine based 802.1x with AD

Here's my situation. I currently have 802.1x working perfectly with Microsoft IAS, but we are wanting to use ACS 4.0 due to the fact that we also need the IP Phones to authenticate as well using EAP-TLS. I have configured ACS correctly (so I think) a...

Resolved! ASA 5520 NAT/PAT issue

Hi there,I have an ASA5520 firewall and have the following already in place :name 123.123.123.123 EXTERNAL-NATaccess-list OUTSIDE_OUT extended permit tcp host EXTERNAL-NAT host xxx eq 5061 access-list OUTSIDE_OUT extended permit udp host EXTERNAL-NAT...

Cisco ASA 5520 Design Question

HelloGot a 5520 with all the clients coming in on one interface and got a few other interfaces with servers behind them. In our group we are discussing how set this up with access-lists and or security levels.1: is to set lower security levlel on the...

Sample configuration for ASA in Tranparent mode

Hi,Can any one provide me the sample configuration in CLI to set up ASA 5510 in Transparent mode.I have a 2811 router and intend to connect my servers behind the ASA 5510 firewall in transparent mode.Thanks in advance.

Scanning log messages.

Hey There,Can you guys look at these log messages and let me know what you think? Looks like my network is being scanned big time.What's the best way to address this issue? Is there a way to find out if my ASA/company is being targetted?Dec 10 2010 1...

Restore ASA5520 Configuration

I have an ASA5520. I am curious if there is a way to restore the configuration from backup via TFTP. Everytime I make a change to my config I back it up by doing, "wr net x.x.x.x:ASA5520.txt". On the PIX515 you could enter the following 2 command...

ASA IOS bug review

We are currently at verison 8.2.1 on our ASA Firewalls and want to upgrade to 8.2.3 to resolve some security bugs. Is there a way I can find all open bugs relative to 8.2.3? I went to the bug toolkit and tried to find 8.2.3 but only found 8.2. Doe...

Migrating from SSM-20 to SSM-40

Hi all,We're using SSM-20 for the moment and we plan to replace it with SSM-40. We'd like to know if- the IOS supporting SSM-20 will also support SSM-40 - the ASA and module will keep the config or do we need to configure the module and signature aga...

DMZ ASA5510

Hello,I've just received my CISCO ASA5510 in order to replace My SonicWall Pro 100 but i've one Problem, i explain :Actually ,the network has a LAN, a WAN and a DMZ.We 've got a 6 public IP block ( xx.xx.xx.xx / 29 ).I have two servers in the dmz usi...

NAC Clean Access Agent doesn't pop-up

Hi,I have installed and configured NAC 3310. I have configured L2 OOB virtual Gateway (As it is a central deployment). I did the following in my configuration:1. Install the Manager2.Install the Server3.Add the server to the Manager4.Configure Manage...

Network Security

Forum Posts

Resolved! ASA 5505 Security Plus VLAN Sanity Check

Resolved! Cisco ASA wrong logging information's

Resolved! NAT configuration.

Resolved! ASA 5510 intervlan routing

ASA 5540 duplicate TCP SYN from inside

Cisco ACS 4.0 EAP-TLS machine based 802.1x with AD

Resolved! ASA 5520 NAT/PAT issue

Cisco ASA 5520 Design Question

Sample configuration for ASA in Tranparent mode

Scanning log messages.

Restore ASA5520 Configuration

ASA IOS bug review

Migrating from SSM-20 to SSM-40

DMZ ASA5510

NAC Clean Access Agent doesn't pop-up

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCvx25052 - DOC: FTD Syslog messages 43000x missing from FMC

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

EIGRP authentication FlexConfig FDM

Issue with FPR-1150 CDO License and 90-Day Log Retention

FTD FMC managed back up to FTD FDR managed

Cdo manage Ftd

Cisco ASA 5525 Migration to FPR-1140