Network Security

Resolved! NAT Issue

Kindly suggest whether the below NAT configuration can be done in FWSM.I have one Internal Interface & two external interface. The natted Global Address should be same for traffic routing via both the external interface.static (Internal,Outside1) 11...

Issues remotely managing Pix 501

Hi. I'm having issues trying to manage a Pix 501 remotely on one of our satellite sites. I can connect to it locally using ssh client (putty) and PDM but neither work from outside (Internet Explorer cannot display the webpage - via PDM). As far as ...

Resolved! cisco asa arp poison

Hello,I use a cisco ASA firewall in a L3 configuration.Result of the command: "show running-config sysopt"no sysopt connection timewaitsysopt connection tcpmss 1380sysopt connection tcpmss minimum 0no sysopt nodnsalias inboundno sysopt nodnsalias out...

Resolved! Intra-Interface Communications

Hello,I have problem with communications through ASA to MS exchange server.I'm testing new connection to the internet and ASA is a default-gateway for my VLAN (user VLAN).It's a similar problem described in this doc 'http://www.cisco.com/en/US/partne...

NAC CAS License

I have a NAC Manager with two licenses OOB and now I put two more CAS HA OOB licenses butafter I put that licenses i saw that Active Manager added just CAS OOB and Standby Manager added without problem.take a look these pictures.thanks

NaC shared key

Hi,Is it possible to know what "shared key" was used for NAC communication (CAS and CAM) in a setup that is currently in production?RegardsPrasanth Mathews

ASA5505 Losing Internet Connection

I have a Cisco ASA5505 that is dropping it's internet connection at random times. I can clear it by cycling the power on the ASA but with our weekend VPN users this is killing us. I have a copy of the config below and would appreciate any feedback. W...

http filter use QOS

Hi,all:my config like this:Class Map match-all 1 (id 3) Match protocol dnsClass Map match-all 2 (id 4) Match protocol http host "*cisco.com*"Class Map match-all 3 (id 5) Match not class-map 1 Match not class-map 2Policy Map 1 Class 1 Clas...

Police Service-policy individual or total?

Hello.If i set a service policy for the ACL match Any source and Any destination to 10Mbps does that mean the total is limited to 10Mbps or the maximum for each individual connection is limited to 10Mbps?Thanks.

ASA active/standby failover configuration

Hi every body,I have configured my ASA 5520 (Software version 8.1) as active/standby failover and it works very well, however i want to perfect my configuration. regarding my network topology, i would like that the primary device will be always activ...

Resolved! Same Service policy global for differnet class map or policy map

Hi,I know it is not possible to two different service policy on gloabl interface.Wanted to know if I do have defafult Class map i.e class-map inspection_default and policy map global_policy.It is inspected under service-policy global_policy global....

traffic count on ASA

we have a 2-server cluster with a virtual ip and this server/s connect to internet via an ASA firewall. Rules to allow these on certain ports are configured.i dont see any counts on acl with virtual ip, but ones with physical ip do show traffic.Is th...

Resolved! the case about the led of asa series

i confuse about what does the different color of led mean?like interface led , active , power, vpn ,standby.please help me to understand it , or maybe you can show me some decument about it.thanks a lot.

Voice traffic is dropping thorugh ASA

Hi,Running code 8.0 on ASA 5510.All internet through internal and DMZ perfect and mail server extra are working perfectly fine for me.All ports are opened from inside and dmz.Now voice facility imlimented with EPABX and digital phone.We are able to c...

Zone based firewall and VPN

Hello,we are trying to migrate from CBAC to ZBF to ease our firewall management. We translated all the ACLs to ZBF and it was a breeze. Everything went fine except one thing (the VPNs stopped working) which I'm hoping someone with more experience wil...

Network Security

Forum Posts

Resolved! NAT Issue

Issues remotely managing Pix 501

Resolved! cisco asa arp poison

Resolved! Intra-Interface Communications

NAC CAS License

NaC shared key

ASA5505 Losing Internet Connection

http filter use QOS

Police Service-policy individual or total?

ASA active/standby failover configuration

Resolved! Same Service policy global for differnet class map or policy map

traffic count on ASA

Resolved! the case about the led of asa series

Voice traffic is dropping thorugh ASA

Zone based firewall and VPN

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Hybrid Exchange/ SSL Decryption Error

FMC Unable to Join CSSM On-Prem

Fixed: "show conn flow-rule qos" gives Syntax Error: Illegal parameter

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

ASA running on 4100 chassi with FXOS - Smart license question

Cisco ASA RADIUS for SSH and LOCAL for Serial

9200和9300，通過管理口進行tacacs認證失敗，找不到原因

ASA Static Routing same IP with different subnet masks

General steps to migrade to a new Cisco Firepower hardware model