Network Security

ASA 5520 - Sqlnet inspection dropping connections

Hi,After one year and 3 months without any problems I had to upgrade the ASA 5520 from version 8.03 to 8.04 due to a known bug (tcpmss problem).Everything worked fine with one exception: the Oracle application is not working any more.Whenever I remov...

NAC appliances compatibility

Dears,i have a NAC manager, and two NAC server appliances and many NME-NAC-K9 network modules on ISR routers.Is it mandatory that all devices are upgraded to the same release, or different releases are compatible with each other.Thanks in advance

Resolved! NAT/PAT Question on PIX 545-

Urgent help needed please!Setting up a PAT statement for eg;static (inside,dmz) tcp interface 8002 10.144.100.92 8000 netmask 255.255.255.255When configuring this through ASDM on a Cisco pix the ASDM asks for the Original port number and then the Tra...

EIGRP Unicast Routing on ASA

Has anyone used the EIGRP neighbor command on the ASA to enable unicast hellos and dynamic routing between two ASAs over a site to site VPN tunnel? I'd like to see if it is possible to eliminate an external router needed to build a GRE tunnel and in...

Change site to site peer

I have set up a site to site vpn between my corporate 5510 and a new 5510 for a remote office. I set a test public IP on the remote 5510 and used that IP for the peer address on the tunnel. When I receive the permanent IP from the ISP for the remot...

SITE to SITE Tunnel with FQDN

Hi I want LAN to LAN tunnel between ASA and 1800 with FQDN i.e peer=ccde.vpn.com for 1800 and support.vpn.com for ASA rather than using peer ip addresses in 'set peer .. ".Is this possible to use FQDN for tunnel peers ratehr than ip addresses ?Thanks

have to ping server through vpn to establish connection

We have a site to site vpn connection between two asa 5520's which works great for most things, but we have a few servers on each end that we have to ping to establish a connection. Currently we have a batch file written to ping every 10-15 min to ...

VPN with Failover

I have a ASA 5540 (actualy 2 in Active/Standby setup) connected to the Internet and Internaly a DMZ where I get the traffic from my SecureMobile provider.On remote site I have a Sarian DR6410 router with a ADSL interface and a GPRS/3G int. I have no ...

remote vpn users get asa as default gateway?

My remote vpn users (connect to asa5520 for vpn endpoint) get the asa as their default gateway. How do I make our actual core router their gateway once connected rather than the asa? Its causing them some routing issues and connectivity issues to c...

ASA5520 VPN load balancing with nat and certificates

we have a senario where we utilized vpn load balancing with certificates. recently, we are having a problem where when the ssl client tries to go to the url for the virtual ip, it gets presented with the device certificate rather than the virtual lb ...

Resolved! Clear xlate on an ASA?

So i'm finally migrating my PIX 520 to an ASA. My platform was too old to qualify for the upgrade tool so i'm training myself on the gui as i manually migrate my config over.We used to do clear translations on the pix between inside and the dmz. is...

shifting the servers from inside to DMZ

Hi all,i have to make DMZ in my network already my servers are working in inside network, but now i have to shift these server to DMZ,kindly look at my configuration and guide me with configuration how i can achieve this goal. Thanks*****************...

DNS replies causing over 10000 conns

i have an asa 5505 guarding a single web server. it is running dns. ports 80tcp and 53udp/tcp are opened.the problem is that every once and a while my server sends out a large amount of DNS replies causing it to go over 10000 conn limit (replies to ...

Is CSCsr89144 fixed on ASDM 6.1(3)

I have just run in to this ridiculous ASA bug where ASDM stops working if uptime is over 1 year.http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsr89144Could someone please tell me if CSCsr89144 is fix...

nating for dmz to inside

hello,i want to know about natting applying from dmz to intranet for security leve is 50 and 90 respectively.now how i can do natting of this condition.

Network Security

Forum Posts

ASA 5520 - Sqlnet inspection dropping connections

NAC appliances compatibility

Resolved! NAT/PAT Question on PIX 545-

EIGRP Unicast Routing on ASA

Change site to site peer

SITE to SITE Tunnel with FQDN

have to ping server through vpn to establish connection

VPN with Failover

remote vpn users get asa as default gateway?

ASA5520 VPN load balancing with nat and certificates

Resolved! Clear xlate on an ASA?

shifting the servers from inside to DMZ

DNS replies causing over 10000 conns

Is CSCsr89144 fixed on ASDM 6.1(3)

nating for dmz to inside

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Blocking certain reverse lookup domains on FTD

Configuring OKTA SAML on FTD 7.2.5

Palo Alto to Cisco Migration Tool count_summary error

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

Cisco FTD and Cisco FMC images in CML

Architecture for ISA-3000 Firewall

Import json file to FMC

cisco firepower management center virtual gui not shown

Downgrade FPR-1010