Network Security

Resolved! How to configure ASA IPS which is connected on the Internet

Hello Guys,I am a beginner in ASA IPS Concept and my company OWN a 5520 ASA .Currently ASA has been connected to ISP connected router and serving as an Firewall to controll internet traffic whichis integrated to Websense for URL filtering.Can you ple...

Resolved! MSFC placement in FWSM Deployment

Hello everybody,I was going through the FWSM configuration guide and came around a concept of placing the MSFC in front or back of the FWSM. What i have understood is if you create a VLAN10 and assign this VLAN10 to the FWSM and then create the SVI f...

PIX 515 E high memory usage

memory usage : 94%Firewall has 64 MB RAM.Version 8.0.3I disabled threat detetection and buffer logging, but no change. Rebooted two weeks ago and a decrease to only 88%. Now it is back up to 94%.any idea why high memory usage, or how to troubleshoot ...

How to configure NAC to automatically direct the user to the untrusted interface of CAS.

Hello,Just want to clear how can I configure the NAC to direct the user to the untrusted interface of CAS automatically.Now, I am manually entering the ip of the untrusted interface to my internet explorer before I can have NAC agent to download.How ...

ASA 5520 - what's using my memory?

Hello,I have 2 ASA 5520's in active standby mode, they are on IOS 8.2(2) and have 512mb of memory. For some reason the memory usage went from 70% to 85% at 4pm yesterday. When I look back at the the changes at that time all I did was add a subnet to...

ZBFW and NAT

Hi,I am setting up a zone-based firewall and NAT for inbound public traffic to internal private IP addresses. I am using a 2911 router with all the security bells and whistles. Do I set the destination as the public address or the private? I found a...

stable IOS for ASA 5510?

i'm having all sorts of problems w/ VPN stability on the 8.2 and 8.3 IOS lines for my ASA. should i take it back down to 7.0.8? this is really pissing me off. what's up w/ all the bugs?

Resolved! NAT Hairpin Problem

I've setup NAT hairpin for inside hosts to use the public IP of the inside webserver as follows:inside client:10.156.16.28webserver: 172.22.35.10 NAT's to 24.x.x.xI used these commands:same-security-traffic permit intra-interfacestatic (inside,inside...

NAT table full .

Hi, what happens when the nat table (memory !) is full on a firewall module 4.0.All traffic is stopped ? MR

design/risk

when designing DMZ we usually put a dedicated L2 switch for connectivity between firewall interfaces and public servers...and we create vlans in this switch according to DMZ..what risk can be found if i create these L2 vlans in our collapsed distribu...

FWSM - how do I identify which 6500 chassis I'm on?

Hi Everyone,I currently login to a FWSM (remotely) on my network but I do not know what the chassis is. Also if I do find the chassis with a FWSM in it, I'm unablt to do the session command as this is not allowed via tacacs authorization.Any usefull ...

[Resolved]dcrcli using DCRCLIFILE LMS 3.2

Hello,I'm using the LMS 3.2 on a Windows Server 2008.I've got an issue in using dcrcli with DCRCLIFILE.I correctly wrote the DCRCLIFILE.dcrclifile.txtadmin networkand I added the enviroment variable with the right value.DCRCLIFILE=c:\Program Files (x...

FTP stopped working once upgrade FWSM from 1.x to 4.0

Hi,Admins are no longer able to initiate FTP from the Inside network to the same servers at the Outside network, once upgraded FWSM from 1.x to 4.0.x.FTP inspection in the policy map is there, as you know it is the default config.Appreciate your expe...

Resolved! Reg. routing issue

Hi halijenn / pkampana / allI have an issue where there are overlapping networks at inside and outside of ASA hence is it possible in the ASA that i can segregate the traffic by means of routing or NATTING ?(192.168.16.0) Router (at WAN Branch) -----...

CSC module licence expire

Hi,we have bought the CSC modules few years back and now the licence has been expired few months back. we used the CSC for only a month when we bought just to test these and after that they are left without doing anything and expires. Now we would li...

Network Security

Forum Posts

Resolved! How to configure ASA IPS which is connected on the Internet

Resolved! MSFC placement in FWSM Deployment

PIX 515 E high memory usage

How to configure NAC to automatically direct the user to the untrusted interface of CAS.

ASA 5520 - what's using my memory?

ZBFW and NAT

stable IOS for ASA 5510?

Resolved! NAT Hairpin Problem

NAT table full .

design/risk

FWSM - how do I identify which 6500 chassis I'm on?

[Resolved]dcrcli using DCRCLIFILE LMS 3.2

FTP stopped working once upgrade FWSM from 1.x to 4.0

Resolved! Reg. routing issue

CSC module licence expire

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

FMCv 7.2.5.1: High CPU load - how to troubleshoot?

Cisco FTD Migration from 4100 to 4245

My CSLU(Cisco Smart License Utility) can't login into Cisco.

same question, same issue, Intervlan routing not possible at FTD

Migrate from FMC virtual 300 to FMC virtual

Multi instance 3120 FTD - Each instance in different FMC Domain

FDM DHCP Relay

Need expert help with Firepower intervlan routing

ASA 5506 SSP Version?

FMC 7.2.5.1: Smart Agent is not registered with Smart Licensing Cloud