Network Security

PIX 515E Not Allowing Access To The Internet

Hi,I'm reconfiguring my PIX 515E from scratch and am unable to get out to the internet. I can ping around my internal network. I can also ping the outside interface (x.x.148.213 - provided by my ISP) as well as my ISP's next hop (x.x.148.214). It'...

Resolved! ASA 5540/5520 Failover

Hello Experts,Just had a quick question regarding ASA failover: Is it possible to have an ASA pair, with the primary ASA being a 5540 and the standby device an ASA 5520 (or vice versa)? I need to replace a set of ASA 5540s with with ASA 5520s on our...

Resolved! LOCAL Authnetication

I set the enable, http, and console authentication on an ASA5510 to LOCAL,but did not configure local users. Now I can't log into it with the original crendentials. Fortunately, I did not save the configuration to flash so I could always power-cycl...

Resolved! Close Port Cisco PIX 506E

If I add a Deny ACL after all my permit ACL's will a deny any source to port 500 close the port on my PIX 506? I need to keep that port from showing up in a scan to comply with security standards? Also this should not cause ...

Resolved! NAC Manager HA stop responding

Hi guys, I have 2 CAM working in failover. 3 times this failover had stopped responding sudenly. I couldn´t managed the device through the GUI o SSH. The two devices not responded. The only way to take the control back was restarting them. They have ...

Resolved! Updating Cisco IDS 4215 signatures

Hello people, we have some Cisco IDS 4215 and would like to know if upgrading the signatures we can remove those released previously or if the previous ones should not be eliminated.Following system information from one of these devices.***TAC Contac...

ICMP Stateful

Hi,Most of us knows that ICMP is not a stateful protocol, and we can make it using ICMP inspection in ASA.As per my understanding,In TCP, TCP Flags are making TCP capable of stateful protocol, In UDP, src and dst port numbers playing the role to make...

ASA nat-control issue

We are looking for a clarification of ASA nat-control command. Unfortunately, we don't have spare device to test it out.The situation is as follows:An ASA firewall has three interfaces: "inside", "outside", and "corpinside".nat-control is DISABLED.A ...

Resolved! Telnet garbled on smtp port via ASA

Hi folks,I am experiencing garbled telnet sessions on port 25 to ms-exchange servers on the other side of an ASA5520.This is an MS "basic check" for inter-server email comms, but is proving problematic.SMTP is permitted through the ASA.Suggestions we...

Display the power supply status in the IPS 4270

How to display the status of the power supply on the IPS 4270since the IPS has two power supplies and one has failed, so i want to check what is causing this failure (i am looking for a message from the CLI describing that the IPS power were failed).

unable to access internet through firewall

Hi,my pix515e which is running 8.0x ios unable to access internet through it. domain name server is external(ISP), on it's next hop router ip domain-name ip address is configured. could u tell me what changes i should make to my firewall to make it w...

Problem with PIX 500

I have a pix 500 firewall box.I have a system which is on DMZ and IP is 10.40.1.16, there is webserver running on this.Whenever VPN users connect to VPN they are unable to access this system. But the moment they disconnect VPN they are able to connec...

trying to access standyby asa when using eigrp

Hi allIm having an issue where I am trying to telnet to my standby asa, to get it to work before I had to redistribute a static route back to my main network this then allowed me to telnet to both standby and active asa's. however the static route wa...

Reg. upgrade for ASA failover

hi halijenn / pkampana / allI am upgrading ASA (in failover) from version 8.0 to 8.2 which i believe is next minor version for 8.0 (as 8.1 is used for ASA 5580) so please let me know if Zero downtime is possible for the same as per the below link or ...

Resolved! Traffic Policies IN NAC

Hello friends,For host remediation we shld allow for access to a particular destination or by default it is accessible?????ORtraffic policies are applied after a host passes posture assessment and remediation.??? to limit network access.Thanks

Network Security

Forum Posts

PIX 515E Not Allowing Access To The Internet

Resolved! ASA 5540/5520 Failover

Resolved! LOCAL Authnetication

Resolved! Close Port Cisco PIX 506E

Resolved! NAC Manager HA stop responding

Resolved! Updating Cisco IDS 4215 signatures

ICMP Stateful

ASA nat-control issue

Resolved! Telnet garbled on smtp port via ASA

Display the power supply status in the IPS 4270

unable to access internet through firewall

Problem with PIX 500

trying to access standyby asa when using eigrp

Reg. upgrade for ASA failover

Resolved! Traffic Policies IN NAC

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

Cisco FTD Migration from 4100 to 4245

My CSLU(Cisco Smart License Utility) can't login into Cisco.

same question, same issue, Intervlan routing not possible at FTD

Migrate from FMC virtual 300 to FMC virtual

FMC Connection Events Export

FTD and FMC backup creating a sf-storage folder

Route Based VPN FTD

Multi instance 3120 FTD - Each instance in different FMC Domain

FDM DHCP Relay

Need expert help with Firepower intervlan routing