Network Security

We have a ASA 5520 and we are seeing a lot of traffic on our outside and dmz interfaces. we intend to capture packets on those interfaces can someone help me with how we can ,,,with minimal cpu utilization ,, coz cpu is already at 85% now,,,Thnx muc...

Hi,I would like to audit all changes made on my ASA 5540 (software version 7.2).Is there a way to do that?How is the best way?Thank youTauer

nat (inside) 0 access-list nonatnat (inside) 3 access-list out-nat 0 0nat (inside) 1 access-list dmz-nat 0 0global (outside) 3 interface global (dmz) 1 192.168.2.4 access-list out-nat permit ip host lab_pc1 any access-list out-nat permit ip host...

Hello,Recently I upgraded the supervisor on my Catalyst6509 to a SUP720-3B. This upgrade switched me from CatOS to IOS which is a welcome change. However I am having trouble configuring my IPS appliance(4250XL Build Version 6.0(5)E3) to use the new S...

Hi, I have two routers Rv082. I made a gateway to gateway tunnel between the two of them. From a computer behind my first router I can ping my other router.But when I try the same thing from a computer behind my second router, I cannot ping the fi...

Hi All,Can anyone confirm if any Cisco ASA supports the SHA-256 hashing algorithm whilst establishing a VPN tunnel?Many thanksFastethernet

Dear allI have two FWSM in active/standby mode. what I want to ask is when the failover LAN link (means connectivity between the two mates) lost. what will happen for the standby unit if it fails to find the active mate.Thanks, for help and support,

Hi, Im having trouble with my standby pix. After sometime the outside interface becomes insaccessible but my inside interface is still accessible. By clearing my arp table, the outside interface can now be accessible. Has anyone of you what might cau...

We have had mixed success with the use of H239 while H323 inspection is enabled on an ASA running 8.0(4) code. The endpoints are a Polycom PVX behind the ASA (HostB) and another PVX endpoint which is not behind any firewall (HostA). Both endpoints a...

Hi all,I cannot ping my default gateway, and my default gateway connot ping me.I've got a ASA 5520 with a 8.0.4 OS version.I've configured the ACL on the interface with the access-list int1-in extended permit icmp any any and also added the command....

ASA5520 with AIP-SSM-20 IPS moduleIPS software: 7.0(1)E3ASA software: 8.0(3)We have two of these ASA's set up in a failover pair. The problem seems to be at random times that the primary ASA/IPS member will failover to secondary with: %ASA-3-323001:...

customer unable to connect to vpn endpoint when going through a MSB. He changes the gateway on the host to use the ASA as the exit point and has no problems.The endpoint is reachable from either the MSB or ASA.Any know issues with MSB and Cisco clien...

Two 2811 routers, both on 12.4(13r)T5 software.Each has a VTI interace. VTI works great, i'm running ospf across it which also is working well. My problem is that if i shut down the ethernet interface (through software or unplugging) on router A, t...

If I shuthown a monitored physical interface, the active ASA doesn't swtich over to standby. Shutdown also brings the communication down. It should also be considered as reason to trigger the failover.