Network Security

Vulnerability in Cisco ASA

Hi all:Executing a Vulnerability Assessment in an ASA 5510, it has detected a "SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection". As a recommendation, it suggest to contact the supplier to find any patch. As of now, we couldn't find a...

ASA 5510 automatically rebooted

Hi,I have ASA 5510 v.8.2(1) which automatically rebooted. In crashinfo I don`t see anything helpfull.I attached crashinfo file.What could be the cause and how can I troubleshoot it?

management traffic blocked cause of reverse-path check

Hi all,i have a problem with "ip verify reverse-path interface inside".We have a very restricted admin-network, where we have the admin-interfaces of several servers, firewalls and other networkstuff. The perimeter firewall to the outside (asa5580 8....

Backup events from IDS 4215

Is it possible to copy the IPS event log files to a server from a Cisco IPS 4215 device?

Resolved! Privilege level on ASA 8.0 to remove capture (no capture)

Hello,We have a RO user created with privilege level 5 (local authentication and command authorization enabled), it works fine for other commands that are difined in privilege level 5. When we try to enable capture commands for level 5 user, could en...

Transparent ASA dropping packets

Hello,I have an ASA5510 connected to an external vendor on the outside inf, and to my mpls network on the inside inf. It's running in L2 mode, and not blocking anything right yet. My routers, switch, ASA, and vendor switch are all in the same sub-n...

Active FTP works, not passive

Hello CCIEs or not,2821 ISR IOS Firewall 12.4(24)T2 is connected to a second ISP through Vlan304 and cable router I added nat inside source route-maps in order to nat in each ISP addressing subnetsProblem is that inside FTP clients successfully conne...

IDSM Support on Cisco 6500 with VSS

I have a setup where there are 2 x Cisco6509E Switches with FWSM and IDSM.I am trying to Loab Balance traffic to the 2 x IDSM using Etherchannel and can only do this when both IDSMs are in a single chassis, I check some Cisco sites which highlighted ...

IPS Manual or Automatic Backup

HiDoes anyone knows how to setup the IPS4200 Series to automatically backup or even manually?

Resolved! traceroute across fwsm - icmp no matching session

Traceroute fails across fwsm 4.0(6) in transparent mode, with this error:Denied ICMP type=11, from laddr 10.1.1.1 on interface outside to 10.2.2.2: no matching sessionFinally figured out that the fix is to enable icmp inspection (in ASDM: Service Po...

Site-To-Site VPN using Private IP

Hi,I have an ASA 5505 configured with Site-To-Site VPN to an ISR at headquarters (Remote Site to headquarters). The VLAN2 int is configured with a public IP to the Internet router . This public IP was given to us by the client, where we are leasing ...

IPS signature to match usernames?

Can an IPS be used to match usernames during RDP and or RPC sessions?We have done some wireshark captures and searched the stream content for usernames with no success.The servers are 2003 & 2008.Perhaps MARS is the best solution here for reporting t...

csd in ASA 5550

hi.. i am usingcisco asa 5550 having ios asa821-k8.bin and CSD image csd_3.4.1108.pkg.After CSD is enabled SSL VPN client doesn't allow web download to happen and my VPN client doesnt download at client end.

VPN Concentrator restriction for internet browsing

HiI have a question regarding VPN concentrator.We have configured VPN concentrator with 3005.User coonect to VPN concentrator from internet to access internal resources.But there is no restriction for accessing internet when the client conncet via VP...

csc ssm not filter https traffic ?

Hi all, i have block sites in csc ssm via http blocking ,but those site can open via https so how can we block sites ,pls ur suggestion may help u .RegardsMak pak

Network Security

Forum Posts

Vulnerability in Cisco ASA

ASA 5510 automatically rebooted

management traffic blocked cause of reverse-path check

Backup events from IDS 4215

Resolved! Privilege level on ASA 8.0 to remove capture (no capture)

Transparent ASA dropping packets

Active FTP works, not passive

IDSM Support on Cisco 6500 with VSS

IPS Manual or Automatic Backup

Resolved! traceroute across fwsm - icmp no matching session

Site-To-Site VPN using Private IP

IPS signature to match usernames?

csd in ASA 5550

VPN Concentrator restriction for internet browsing

csc ssm not filter https traffic ?

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

after FTD upgrade from 7.2.5.2 to 7.2.9 all snorts cpu are almost 100%

FMC Unable to Join CSSM On-Prem

Fixed: "show conn flow-rule qos" gives Syntax Error: Illegal parameter

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC

FMC-ASA-SFR compatibility

FMCv Migration FMC2700

TX retries dropped packets