Network Security

AD groups / LDAP for remote access user authorization

I'm trying to configure an ASA5540 to use LDAP for remote access user authorization. I am using certificates for authentication, and using the userPrincipalName field from the certificate for authorization purposes. I am trying to set up a LDAP att...

1841 IOS IPS online updates

Hi,Can we configure 1841 IOS IPS to get automatic signature updates directly from cisco site. I know we can do it in other firewalls like sonicwall, fortigate, etc.RegardsSiva K

Resolved! not getting traffic from ASA to AIP-SSM-20.

Hi,we are having Cisco ASA 5510 and we recently added Cisco AIP-SSM. we configured sensor and as well as ASA also but we are not getting any logs in ADM. please help me on this.please find attached Sersor Configuration and version of IPS module and A...

Resolved! VPN trough ASA5510

Hello,I have a problem that I have some trouble to understand and find a solution.I am using a ASA5510 for 2 months now about to be between an internet connection and a network of multiple VLANs, corresponding to multiple companies sharing the same i...

Redirect multi SSL traffic to the same eksternal/internal adresse in Cisco pix

Hi all,I have a SSL Certificate isue in my web server. However I have a web server who has external/internal ip 192.38.X.X/10.100.x.x. The ip adress is translatet az 1:1 in my pix firewall. How is it possible to redirect multi ssl traffic to my webse...

%FWSM-2-106007: err msg

Hi,I'm seing an abundant number of the following error-msg in my fwsm-syslog:%FWSM-2-106007: Deny inbound UDP from 192.168.12.39/53 to 192.168.12.52/51660 due to DNS ResponseI know this issue has been discussed on many occasions before, but what I ca...

Resolved! ASA VLAN 1 connection to different VLAN

Hi all,I will be setting up a LAN(PCs and Laptops) at a customter's site. The customer offered to provide me with connections on their core switch on a separate VLAN. I will setup an Cisco ASA5505 on the edge connected to router. So, here is the topl...

TCP error message

Hello all,I am looking for some help. This is a strange one. My ASA5510 (ver 8.2(1)) works fine with other web site. But for some reason, we cannot access a website called: http://scrumforteamsystem.com/I can access from my other location using PIX52...

pix 506e and static routing

Hi,I have pix 506e that is not behaving the way it should. I have three private networks, 10.100.150.x, 10.100.152.x, and 10.100.159.x. The Pix is 10.100.150.32. I added static routes for the 152 and 159 networks but I can't ping them or see them....

Internal DHCP server and default gateway

I am setting up my RA & Anyconnect clients to get their IP address from an internal DHCP server (Windows Server 2003) and there seems to be a problem with the default gateway. I have the scope option pointing to the ASA-5505 internal IP 192.168.x.254...

dual asa failover on dual cores using routed interfaces instead of HSRP

using dual core 6509s, can failover be configured on both asa's when using routed interfaces on the core switches instead of using HSRP and L3 vlan?is there a config / white paper on how to configure this?

ACL configuration Help

We have CISCO 877 ROUTER WITH A SINGLE EXTERNAL IP ADDRESS INSIDE (VLAN1) = 192.168.0.0/24OUTSIDE (DIALER1) = 195.149.45.229 We have clients on INSIDE who have full internet access. We have NAT working – a one to many NAT. ip nat inside source stati...

Pix 501 boot loop

I recently had 2 Pix 501 went into boot loop. Both pix can be boot up normally after powering down and wait for 10 minutes. However, if I had tried to boot it up either by reload or not disconnecting it from power and not wait long enough, it will on...

Resolved! user account to download Cisco IPS signature

Hi All,I wanted to enable the Autoupdate in IPS but it asks for Cisco acc with cryptographic privileges to download Cisco IPS signature and signature engine updates from Cisco.com. is their any default acc for this ?I have CCO acc whether is this can...

Secondary IP Addresses on ASA

Hi All,How can we add secondary IP Addresses to interfaces in ASA? What is the need for secondary addresses on an interface?Thanks

Network Security

Forum Posts

AD groups / LDAP for remote access user authorization

1841 IOS IPS online updates

Resolved! not getting traffic from ASA to AIP-SSM-20.

Resolved! VPN trough ASA5510

Redirect multi SSL traffic to the same eksternal/internal adresse in Cisco pix

%FWSM-2-106007: err msg

Resolved! ASA VLAN 1 connection to different VLAN

TCP error message

pix 506e and static routing

Internal DHCP server and default gateway

dual asa failover on dual cores using routed interfaces instead of HSRP

ACL configuration Help

Pix 501 boot loop

Resolved! user account to download Cisco IPS signature

Secondary IP Addresses on ASA

Reuse Object Group in a single ACL line

CSCwm49782 - enhance sma 2nd cruz heartbeat logging

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCvx25052 - DOC: FTD Syslog messages 43000x missing from FMC

ACME on ASA

Snort3 rate filter

PBR with AnyConnect

FMC: Automatic renew certificates?

Finding the forgotten IP address of a Cisco PIX 506E