Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
Showing results for 
Search instead for 
Did you mean: 

Forum Posts


Two questions really.Q1. What is a safe peak for a cluster (Active/Standby) pair of ASA 5520's?During different times of the day, I can see major peaks that push the ASA cluster into the high 80's and low 90% utilization.Q2. To combat these peaks, I'...

Firewall and OSPF - Passive interfaces??

I have a pair of ASA5550 with OSPF enabled on the outside interfaces with our internet routers. Firewalls get the candidate default route from the internet routers.Anyway, when I do a "sh ospf interface" all interfaces are listed under sh...

opers13 by Beginner
  • 2 replies
  • 0 Helpful votes

Resolved! Upgrading PIX

HiI have a PIX 515E that i have to upgradecurrently it's running 6.3(5)and i'm going to 8.0(4)28,what i wanted to know is do i have to upgrade to 7 before i can upgrade to 8.Or can i go directly to version 8

IPS Engine Upgrade

Hi all I have an IPS running 6.1(1) image with E1 engine.I want to upgrade this to E3.Is to possible to upgrade directly to E3?.What are the things to consider for upgrading the Engine(i want to upgrade manually)? Is there any advange on E3 over E2 ...

anva12345 by Beginner
  • 3 replies
  • 0 Helpful votes

How to block FileSharing

I have a natted network , all the users in side are accessing one global server Exchnage server xx.xx.xx.21, now i want to implement a rule in my local firewall to block traffic , so that usera cant not access this global server \\xx.xx.xx.21 using f...

Resolved! identity nat vs policy nat

Is using identity nat as compared to nat exemption merely a preference, or are there benefits to one over the other? I've changed all of my identity nats over to policy nat, but I'm not sure (other than ease of reading and it doesn't add to the xlate...

PIX 515E upgrade problem

Hi Problem1: I am trying to upgrade pix 515e from 6.3(1) to 8.0(4) version in monitor mode and I am not able to do that. monitor>interface 1 address server (my laptop with tftp program on) file pix804.bin tftp I get the b...

Ddos Problem

We have an IRC Network based on IRCD, we keep getting ddosed by people, servers are falling apart, so we currently did not find a way on how to block the ddos packages,i was wondering if you could be kindly and suggest me somethin about it , anything...

Policy NAT

So, I was doing some testing this weekend, and I had noticed something that I wanted someone to verify my findings. In an ASA, if I create an acl and policy nat, it seems that it's two directions.access-list NONAT permit ip ...

Resolved! Using PAT for many users

All,Is there documentation somewhere that states how many users can run behind pat? I've got between 300 - 1000 at any one time that can be on, and currently I'm using the interface address on the asa to do this with. I was wondering if I needed to s...

Anyconnect Vista install error

I've tried to avoid Vista, but unfortunately I have a couple customers using it. I get two errors when trying to install the Anyconnect client when they access the SSL vpn site. "The VPN Client agent was unable to create the interprocess communicati...

r.lusignan by Beginner
  • 4 replies
  • 0 Helpful votes
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers