Network Security

Monitor IPSec tunnels in PIX

Hi Team,I have PIX Version 6.3(5) configured with few IPSec tunnels. I would like to monitor these tunnels through snmp so that the PIX can send the trap notifying my monitoring tool if any IPSec tunnel goes down. I find the only command available is...

Resolved! New on ASA

Hello, New to ASAtrying to understand how to allow traffic for specific host from LAN to outside.My needs* Desktop 192.168.3.80 which needs tcp port 999 to download internation newspaper using secured application.* Desktop 192.168.3.88 which gets sto...

Cisco IOS Firewalling on a 2851

Hi AllI want to use some of the IOS firewall features on the 2851 but have some questions on CPU impact. I use this device for IPSec termination which also incorporates some NAT. It seems that when NAT is enabled, packets traversing interfaces that...

DMZ firewall queston

Scenario: ASA is in building "A" (also has internet connection) and I want to set up DMZ for WEB/FTP etc.., However the physical servers are located in another building, building "B" the Data Center, which is a block away. I know this is a crazy ques...

Resolved! Session status for PIX and ASA

Looking for commands to identify any https, ssh, or telnet sessions currently active on a PIX and on an ASA. I would like to know all available information about the current connections, such as the IP address of the connected device, username used f...

recommended ASA software

Hello,I'm looking for the Cisco recommended ASA software to run? I don't see the GD version listed on the software downloads. I need this for auditing purposes.

Tunneling IPSEC client Internet Traffic

We would like our ipsec vpn clients to be able to access the Internet using our company Internet connection but the attempts are being denied with the following message:2 Oct 21 2009 10:58:26 106001 a.b.c.d 4675 w.x.y.z 443 Inbound TCP connection de...

Resolved! Network Object Groups

Hello,On an ASA5510 v8.0(4) is there a way to create a network object group and enter a range of addresses rather than entering them one at a time? For instance I have a group that will need IP address 192.168.1.60 to 192.168.1.75. Do I have to ent...

NAT

Hi,I have ACL_INSIDE to restrict all traffic from inside to outside.I want to allow VPN Traffic from inside to outside.Do I need to have NAT statement for all LAN IP. Example:-NAT(inside) 1 192.168.1.0 255.255.255.0

Resolved! VLAN Access-map Logic

Hi Guys,Can anyone tell me what happens to the respective traffic if I have the following configuration?I am a little confused between the action forward/drop and permit/deny meanings?vlan access-map TEST 10 match ip address TEST-ACL action forward!v...

CISCO 2851 with IPS configuration

Hi guys,i'm planning to do an IOS IPS configuration on a newly purchased 2851 router, the spec as below:CISCO2851-HSEC/K9CISCO 2800 AdvanceIPservice :Version 12.4(15)T1064MB CF default512DDR DRAMMy problem right now is,when i tried to configure the I...

No ASDM access

I have an ASA5505 with 8.2.1 firmware version and 6.2.1 ASDM version. I cannot access the firewall using HTTPS (ASDM). When I try to access it from IE, the message "The page cannot be displayed" is returned. When I try to acccess it from Mozilla, the...

Resolved! NAC Questions

We have 2 CAS should be configured with HA are located in the WAN Zone of the FWSM. there is a static NAT meansstatic (inside,WAN) 10.0.0.1 10.0.0.1 netmask 255.255.255.255where 10.0.0.1 is the ip of CAM and the cas has 20.0.0.1.I have read that if t...

Resolved! NAC with CA

Is it necessary to use the CA with NAC.if we donot use it what is the impact on the users.Can we deply without CA without any problems

Resolved! Default Password for FWSM

Anyone know off hand what the default enable password is for the FWSM?

Network Security

Forum Posts

Monitor IPSec tunnels in PIX

Resolved! New on ASA

Cisco IOS Firewalling on a 2851

DMZ firewall queston

Resolved! Session status for PIX and ASA

recommended ASA software

Tunneling IPSEC client Internet Traffic

Resolved! Network Object Groups

NAT

Resolved! VLAN Access-map Logic

CISCO 2851 with IPS configuration

No ASDM access

Resolved! NAC Questions

Resolved! NAC with CA

Resolved! Default Password for FWSM

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application