Network Security

I have an ASA whose end of access list for a group doesnt showup the implicit deny ip any line.I believe this is by implicit built in, but it doesnt show up in config.Does this require to be added in manually at the end of acl & should it be appended...

Hi all,I have a ASA 5510 with 2 interfaces outside that 2 internet links are connected it.I need to do that a host in inside netwok goes out by a interface outise and others host goes out by other interface.Someone know how can I to do this?

Hello,i have a dmvpn topology, .When i try to ping the real ip on the hub's outside interface from the spoke, the delay is approximately 100ms, but when i ping the tunnel ip address the delay becomes 4000ms.Your help is really appreciated

I am upgrading my old Linksys router/access point at home from DD-WRT to an ASA5505. One of the nice features of DD-WRT on Linksys is that I was able to dynamically update my outside IP address to resolve to my <hostname.dyndns.org>. Does the ASA55...

Hello All,I'm going to deploy 2 ASA's as active/active configuration but i read in a cisco document VPN Failover will not be suppoted in multiple context.My question is does active/active setup will not support VPN failover or VPN at all ?

I am looking for a way to set up multiple easy VPN (or a single easy VPN and single standard VPN tunnel) over a single physical interface. I have not been able to find information on the subject. 1) Is this possible?2) If applicable; Where can I find...

What is the best way to see if the PIX throughput is being maxed out?..

According to Cisco's bulletin, they do not have any signatures recommended to stop the Gumblar Bot Net. However, a client of ours, uses IBM's Proventia and they currently have a list of signatures they recommend to block.IBM: http://www.iss.net/thre...

I have a DMVPN setup and on the spoke router the tunnel interface is T0 and it's on FE0/0 where the ISP router is connected. The total bandwidth is 1.5Mbps.I have IP phone traffic on the VPN tunnel and I want to prioritize it. However the local inter...

Hi folks,I'm trying to write a custom sig to match on certain values found in an HTTP GET request. The sig uses the service-http engine for TCP on standard WEBPORTS. For the sake of this example, lets say the string I'm looking for it:first=<someda...

We have a CSS with a configured vip for 4 servers in a cluster.The admins want to telnet via port 80 to the VIP and reach a server.They are coming from 192.168.5.xI have entered thse rulesaccess-list inside_access_in line 39 extended permit tcp 192.1...

Hi, hope someone can help. I've been working on setting up access from some clients on the inside interface to a host on the dmz. I've been unable to get it working so far. The config is below.ASA Version 7.0(8)!enable password Bte2XWw78iXdJmqt encry...

We are setting up a new ASA VPN Concentrator that uses the local ISC DHCP server for IP address assignments.The DHCPDISCOVER packets from the ASA are logged in /var/log/dhcpd.log. The DHCPOFFER packets sent to the ASA are recorded in the log. If I ...