Network Security

Does anybody know if the NAC Appliance API operation getuserinfo gives info about the out of band users as well as the inband users. There is an op getoobuserinfo that returns info specifically about the OOB users, however the documentation appears t...

I have two 5520's in Active/Passive.  I was looking at getting the AIP-SSM module for these and was wondering about the IPS contract.  Do I need two IPS contracts when in active/passive? My alternative is a 4240 IPS device with one contract...I thin...

If using the client-update for an ASA 5505 then is this truly an automatic update at the time of tunnel establishment? Will the asa automatically change the boot system and asdm commands and reload ?  I also see that its just not the ASA 5505 support...

Hello,I have a ASA 5520 (8.0.4) and need 3 internal users to be able to use their Cisco VPN clients to an external source.  It seems one can connect but the other 2 can't.I created an access list that included their local IP's and opened ports TCP/10...

i am configuring a policy on the  Cisco clean access , & i need to know if cisco nac can check the following points  :1- CD ROM, floppy Disk to be check if it is disabled or enabled. if enabled prevent the access2- Check for USB devices connected to ...

Hi All,     How can I input 2 LDAP servers at the User Management > Auth Servers >Lookup Servers > Server URL field.  For example my 2 LDAP servers are 10.10.10.1 and 10.10.10.2.  Should I put it like ldap://10.10.10.1:3268;10.10.10.2:3268 or how?  T...

Dear Sir ,I want upgrade NAC 4.7.1 from 4.7.0 , but can't running when boot from CD , then I check the error message from CCO and it is a bug.CSCta19323NoMemory for crash kernel message seen during 4.7.0 CD installThe message is benign, it is display...

Hi,Following on from my previous conversation market "NAT on ASA not working" I've got another question. I've got vpn clients that only need to access rdp to the servers, at least for now. Shoud I run static commands as follows:static (inside,dmz) 10...

This will be interesting but I'll throw this out there. It seems on the ASA 5550, the module that ships with it is 8 physical ports yet 4 of them are used, no biggie here. The thing that is interesting is that this blade is the only blade that can be...

Hi Guys,I want to configure failover between two ASA's. Do I have to use a switch between them to configure failover. I know in earlier days it was a must to have a switch between the pix's to configure failover. How about with the ASA's Do I need to...

I notice there is a new version of the ASA appliance software, 8.0.5.ED.Is there a reason someone would use that version instead of 8.2.1.ED? We're using two 5540 primarily for terminationg IPSec VPNs on and they are both at 8.2.1.ED,so I'm just curi...

Hi,Can someone assist me on how to change the time out setting for https connection on the ASA firewall? I only see for TCP connection but but specifically https.

We have had two incidents with firewall rules recently.  First, we had an access rule that was not working.  On a whim, we moved it to the top of the list.  It began working.  We moved it back down to the bottom of the list.  It continued to work.Tod...

HiI can not make work  ping & traceroute in multiple context modeI have configured two context context1 & context2. the second one have several vlan and servers behind. Then I added the lines below to test if servers behind the security appliance(con...