Network Security

how can the IPS inspect the encrypted packets?

dear experts, helloi'd like to ask a question about how the IPS can inspect and prevent any atteck in the encrypted packets in some sessionssuch as vpn or ssh sessions, is there a technique helping forthat in the IPS?thanks alot for your helplabib ma...

IME and MultiSessions

We have some <other vendor> IPS and for a new implementation we bought IPS Cisco 4270, i have taken the couse of Cisco IPS and I liked how it works. But we have a big problem thats apply to our company, at different level the manager, boss and the us...

Port translate 2 ports back to the same place?

Using NAT is it possible to Port Translate 2 ports ie tcp 80 and tcp 81 back to tcp 80 on 1 ip address?ie.static (inside,outside) tcp interface 80 10.10.10.10 80 netmask 255.255.255.255 static (inside,outside) tcp interface 81 10.10.10.10 80 netmask ...

ASA config issue

Getting error message "access-list used in static nat has different local addresses" while configuring the static nat statement. But the configuration exists in the running config and the same is working fine. But upon reboot of the device the statem...

Resolved! Query regarding same security interface in ASA

Hi halijenn / pkampana/allI have a query regarding traffic traversing from one interface to another with same security level as of otherInside range -> 192.168.10.0/24Inside1 range -> 10.10.10.0/24The inside interface and inside1 interface have same ...

Resolved! what is the difference between the IPSv6 and IPS v7?

dear experts, helloi'd like to ask about the difference between the in the ips v6 and ips v7is there any document mention that?thankslabib

ASA load balancing for two diff. Service Providers

Hello Group, Need your help, I need your help on this. in my organization I use two different service providers in which for one service provider I have to use static IP and for second service provider I use BGP, is it possible to equally load balanc...

using the management interface as the failover interface

cisco does not recommend the use of management interface for failover. one reason is the management interface is not Gigabit but a 100mbps link. i monitor the traffic load on the ASA using MRTG. if my OUTSIDE, public facing, interface has a YEARLY ...

ASA NAT/route lookup problems

Hi,We currently have ASA's running 8.2(11) and I'm finding when we try and nat (outside to inside) the ASA does a route lookup and even though it's supposed to NAT, it then trys to route the connection back out the outside interface...Source: 10....

Resolved! how to monitoring IPS event logs !

Hi ,We have Some Cisco IPS and also juniper IDP sensors in our networks ,with juniper i use NSM for analyzing network logs,attacks,generating different kind of graphs and stuff like that,its so easy to work with and also its informative, but with cis...

Resolved! ASA5505 with software 8.3(1) NAT/PAT

HelloI have the following scenario:ASA5505 connected to a DSL modem, and behind this ASA i have a Linux machine that people need to access via SSH. I have it mapped to my outside interface doing PATstatic (inside,outside) tcp interface ssh linux sshI...

Resolved! Cisco ASA 5510 config with SSM

I've been tasked to replace our old sonicwall tz170 firewall with an ASA 5510 and configure it (which I've never done, only routers and switches) and I have a few questions. I'm inside the ASDM and I'm trying to setup my outside interface... The 55...

IPS with Anomaly Detection

Hello guys!Anomaly-detection algorithm detectand stop zero-day threatsDoes the above means that no attack may Happend when we have used the anomaly detection on the IPS?Thanks

NAC in Inband L2 Virtual mode

Dear Experts,I m planning to implement NAC INBand virtual mode,as if i have HP and cisco switches in my network,I have read the installation guide and cisco press book for NAC,as if now i want confirmation from you'll experts the step by step procedu...

NAC switch reporting ifindex different than physical in CAM

I have set the "snmp ifmib ifindex persist" on an older WS-C3550-24PWR switch that is being used in a L3OOB deployment running IOS 12.2(44)SE6. When I manage this switch in the CAM, I have interfaces out of order in terms of their "Index" vs their "...

Network Security

Forum Posts

how can the IPS inspect the encrypted packets?

IME and MultiSessions

Port translate 2 ports back to the same place?

ASA config issue

Resolved! Query regarding same security interface in ASA

Resolved! what is the difference between the IPSv6 and IPS v7?

ASA load balancing for two diff. Service Providers

using the management interface as the failover interface

ASA NAT/route lookup problems

Resolved! how to monitoring IPS event logs !

Resolved! ASA5505 with software 8.3(1) NAT/PAT

Resolved! Cisco ASA 5510 config with SSM

IPS with Anomaly Detection

NAC in Inband L2 Virtual mode

NAC switch reporting ifindex different than physical in CAM

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

FMC IP fragmentation to no fragmentation settings can couse outage?

Limit the number of concurrent logins to DNAC

Cisco FTD Migration from 4100 to 4245

My CSLU(Cisco Smart License Utility) can't login into Cisco.

same question, same issue, Intervlan routing not possible at FTD

Need expert help with Firepower intervlan routing

ASA 5506 SSP Version?

FMC 7.2.5.1: Smart Agent is not registered with Smart Licensing Cloud

FTD 3105 : the disk /dev/nvme1n1 is unable to be unlocked or reverted

Stateful Firewall on Cisco Catalyst 9300 Series SwitchesStateful Firew