Network Security

asa vpn and pat

Hi to all,i have a simple question, is possible to configure an asa for a site to site vpn and to configure pat for internet connectivity at the same time?

Hey,I have 2 x pix515e's to setup. This is for a colo so there are no workstations/users on the lan/secured int. However i do have sql servers that i would like to keep out of the dmz from the web servers. should i setup the pix with 3 interfaces: 1 ...

Reflexive access-lists

Just a quick open question I hope.After recently reading about reflexive access-lists on Routers I was wondering if they are required on Cisco PIX or ASAs?Or is this kind of thing taken care of as default behavious on a security module such as this?T...

ASA Outbound Access Problem

good morning guys! we recently procured an ASA-5510 app. went thru the ASDM Setup wizard with External and Internal config. public and private IP's already established. accdg to the ASA doc, internal clients should be immediately able to get outb...

Resolved! ASA - Translate Destination IP only?

Hello All,I have a public IP and port (1.1.1.1:80) that is translated to a private IP:static (inside,outside) 1.1.1.1 192.168.1.1 netmask 255.255.255.255The ACL applied inbound on the outside interface permits any hosts to 1.1.1.1:80.My question is c...

GRE tunnel and static route issue

Hello,I've faced to an interesting thing at my GRE tunnels.sometime packets which I've defined a static route to tunnel as below don't route to GRE tunnel.ip route x.x.x.x 255.255.255.255 Tunnel0but when I remove it and add it after a short time it r...

One way audio ASA

Our setup is this. Call comes in via SIP Trunk, routes to CallManager through ASA and back out through to the remote site via VPN. Yeah, it's a complex setup I know. The problem is that when a caller calls and gets connected with a user, the calli...

ASA log - Deny tcp fin ack on int mgmt

While in ASDM via the management interface, I get ASA log entries every 30 seconds with 'deny TCP (no connection) from *** to ***/443 flags FIN ACK on interface management'. Operation of ASDM is not impacted, but I'd like to correct this if possible...

ASA 5520 version 8.0(4)

Dear All,I am thinking to configure a Policy Nat associated to a Static Identity Nat in order to exclude my internal networks from nat.access-list POI_NET1_POLICY_NAT extended permit tcp 192.168.0.0 255.255.252.0 object-group mail2 eq wwwstatic (insi...

howto show current session on ASA/PIX

Hi all,How can I see the current local host sessions through ASDM (grafically, like show local-host). Actually, I would like to know which local host is using how much bandwidth.Thanks,Norbert

DMZ vs Public Sever option in 8.2

Could someone explain the real differences between these two options on the ASA 8.2 release? I know a DMZ is assigned a different security level and the device has a real public IP assigned to it where the Public Server option is a server with a inte...

FWSM DHCP-relay configuration triggered a failover !

Hi,I have two FWSM in multiple contexts mode and working as active/standby. I configured DHCP relay on one context interface (DMZ), using the ASDM graphical interface. When applying the configuration, a failover occured, which led to loss of connecti...

ASA8.2 and CSM/MARS

Just a quick question - will Cisco Security Manager and Mars support ASA v 8.2 or do I have to wait for a software upgrade before looking at updating my firewalls?

management system for IDS/IPS

Hi, I would like to know if there is a management tool for IDS/IPS. I know there is ASDM for FW. Could I use this? Thank you in advance.Regards.Giuseppe

Access List needed only to allow Site-to-Site tunnel

Hi guys,I need to lock down the outside interface on an 871 router which is currently having a L2L tunnel with a remote router. I need to apply an ACL to the outside interface of this 871 and to allow ONLY the remote router to communicate with my 871...

Network Security

Forum Posts

asa vpn and pat

dmz design help

Reflexive access-lists

ASA Outbound Access Problem

Resolved! ASA - Translate Destination IP only?

GRE tunnel and static route issue

One way audio ASA

ASA log - Deny tcp fin ack on int mgmt

ASA 5520 version 8.0(4)

howto show current session on ASA/PIX

DMZ vs Public Sever option in 8.2

FWSM DHCP-relay configuration triggered a failover !

ASA8.2 and CSM/MARS

management system for IDS/IPS

Access List needed only to allow Site-to-Site tunnel

Hearty congratulations to the December Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Change IP address of FMC HA standby node

FTD Multi-Instance Data and Data-Sharing Interface

Firepower integration with Openldap

Adding Clustered node in SNMP manager gives error duplicate name

loug user out by himself

Internal Server Error and Certificate key usage inadequate for attempt

Where to migrate SFR redirect rules on FTD appliance

ASA 9.6 Global Inspect Policy

How to deploy Cisco Firepower Management Center?

Cisco FTD send RST when dropped by Snort / IPS