Network Security

Resolved! simple firewall question

hi! We've a fwsm module in our core sw and i'm new to this. just want to find out what's the purpose of the bridge-group 1 command on the inside and outside interfaces? + what's the BVI1 for? is it related to the brige-group 1 command on the inside ...

CSC SSM Trendmicro

Hi allI have a customer who would like to know how is it possible to customize the Trend Micro Webpage Notification where it is shown when a web url have been block?Would appreciate if anyone may provide me some tipsThanksJocelyn

AIP-SSM not gettint outside traffic

Hi all. I have a AIP-ssm 10 and I created two class-map.. one for inside and one for the outside.. and applyed like the following.policy-map global_policy class inspection_default inspect ftp inspect icmp inspect pptppolicy-map outside-policy clas...

Whitelist / Blacklist Group

Hi, I just purchase the Cisco 892 Router to add to my network. The main usage for it is white/black listing. Is it possible to have a group of 5 computers to have access to everything on the web and a group of 15 computers to be blocked on ever...

CS-MARS could not download IPS Signature file

I am receiving this notification from the MARS. I think I have the right URL. Anybody got the idea why i am unable to download the signature file?

DMZ design assistance

I'm in a situation where I need to put a blade server that connects to the core switch in the DMZ. I can't physically connect the blade server on the isolated DMZ switch. The reason being is that some of the blades on the blade server chassis need ...

Resolved! Port redirection question

Hi All,I have an ASA doing port redirection as follows:static (inside,outside) tcp 2.2.2.2 80 192.168.10.2 8080static (inside,outside) tcp 2.2.2.2 25 192.168.10.3 2525So, whatever traffic comes to IP 2.2.2.2 on port 80 is redirected to IP 192.168.10....

Resolved! Another Regex question in ASA

Hi All,I have the following configuration and I was able to block the ''Farmville'' game of Facebook.regex blockex1 "/onthefarm"regex blockex2 "apps\.facebook\.com"class-map type inspect http match-all block-url-classmatch request uri regex blockex1m...

ASA 5505

Hello,We are ordering a ASA 5505 for a small remote office of 10 users and I will set up a VPn to our HQ. I have never used this lower model before (only the 5510/5520) so I wondered do I just assign one of the 8 ports as the 'outside' and put it in...

ASA connect with multiple vlan in 3750

Hello dear, I have asa 5510 i wan to connect with 3750 with multiple vlan configure , so question is that can i trunk or access port configure on 3750 pls suugest .

Problem with a website port forwarding on a different port

I have recently come back to the world of Cisco firewalls and asked to set up a port forwardingrule for two ports to access an internal webserver from the outside on ports 8181 and 8282.I have added the rules:static (inside,outside) tcp extranet 8181...

IPS Signature Statuses

Hi All.I'm struggling to find a definitive answer or reason for some of the configuration IPS signature statuses.What does the enabled setting in a rule actually mean in relation to retired and obsolete rules?I have lots of rules which are enabled bu...

To map a single global ip address for many local ip address for different port

Hi,I am looking for some solution on this.I have a public ip say a.b.c.dAnd internal host like w.x.y.zw.x.y.z1w.x.y.z2..w.x.y.z3W.x.y.z is a web server and w.x.y.z1 is ftp server.I want these to be published with single global ip address.Is it possib...

Resolved! Exclude an SSH admin host from AAA authentication

Hi everybody.I'm runnig ASA with TACACS console authentication in order to have authentication/authorization on console access (telnet/SSH) via AAA but I need to exclude a particular SSH host from the authentication process. It seems that the include...

Policy based routing in PIX.

Hi all,how it is possible route some traffic in PIX based on source and destionation IPs somewhere I decide?BRgg

Network Security

Forum Posts

Resolved! simple firewall question

CSC SSM Trendmicro

AIP-SSM not gettint outside traffic

Whitelist / Blacklist Group

CS-MARS could not download IPS Signature file

DMZ design assistance

Resolved! Port redirection question

Resolved! Another Regex question in ASA

ASA 5505

ASA connect with multiple vlan in 3750

Problem with a website port forwarding on a different port

IPS Signature Statuses

To map a single global ip address for many local ip address for different port

Resolved! Exclude an SSH admin host from AAA authentication

Policy based routing in PIX.

ISE-PIC to Passive Identity Agent Migration

pxGrid session subscription missing radius accounting session Id

Model Migration - 4110 Native to 4225 Instance S2S VPN Configs

ASA upgrade procedure on Hyper-V

Announcing the release of Firewall Migration Tool Version 7.7.10

Cisco Anyconnect VPN features with Firepower vs ASA

ASA SG200 Port Negotiation.

urgent

Downloadlink FTD/FMC 7.7.10 is gone

Firepower 1120 initialisation + Reimage SSD, Help needeed !!!!!