Network Security

HelloI am about to migrate a customer from a hosted checkpoint firewall to an active/passive ASA 5520 firewall.I have got some prints from the configuration of the checkpoint firewall, which show that 4 public IP's are forwardet to the same IP on the...

Hi,I am replacing cyberrom firewall with cisco ASA 5520. I am trying to configure two static nat for two different public ip address with a single public ip add of my web server present in the insdie zone of ASA its giving error of duplicate entry. B...

Hi,I have setup WEBVPN with the SSL client on a Cisco 2811. The WebVPN gateway is via a loopback address on the router, so I NAT port 443 to this address as it enters the ADSL interface.Everything works great apart from when I try to access an intern...

Using an ASA5505, I've set up cleintless SSL/VPN, Connection profile and Group policies. I've added the bookmarks to the group policies and create a bookmark for our OWA server.When logging in the Web Application menu is displayed but there are no li...

Hello all,I have the ASA configured for SSL vpn and anyconnect use. Ideally, I would like to use a bookmark via the clientless portal to allow access to our internal Microsoft Dynamics CRM web server. I have the link configured but when clicking on...

Does anyone tried using RSA tokens to login via ADSM?Thanks

This seems like a silly question, but I cannot find a definitive answer. Is the management port on the ASA auto-sensing (MDI / MDIX)? I see the other ethernet ports are that way, but I cannot find a reference on the management port.Thanks,Jim

Hi everyone,We moved our office to a different location (including our dsl conncetion). We also updated our asa from 8.0.3 to 8.0.4.Since then, I'm having trouble opening the webportal from customers having a dedicated line.I'm getting the certificat...

I understand that you can go from a higher security interface to a lower security interface without configuring acls. The ASDM shows that there is an implicit rule allowing this. My question is - once I configure an access rule on the ASDM, that li...

I have a pair of Pix 525 firewalls in Active/Standby. They are frontended by a different pair of firewalls that are also in A/S failover with a pair of 2960 switches between them.When the other firewalls fail over, the new active sends out a gratuit...

Hello,Could someone enlighted me where to find current NAT translations? Not the Static NAT routes, but the current translations in this graphical interface?I could also use the CLI command to do this also, please. I forgot what it was and can't fi...

I understand that CVDM for the 6500 Chassis is free, but the download page is no longer working at:http://www.cisco.com/kobayashi/sw-center/netmgmt/ciscoview/cvdm-planner.shtmlAny idea if it is still available?

I am trying to determine if using no-nat between the inside and the DMZ is bad in any way. I was told that running no-nat between private interface does not cause any security risks, is this true? Am I losing any security functionality if I choose ...

Is it possible on the PIX 515e to setup udp broadcast forwarding between specific interfaces. I see it's available for routers but can't find anything for the PIX. PIX v7.0(4)Thanks.

What is the best tool to gather syslogs from multiple Cisco ASAs & Cisco IPS.Preferably I would like to use a single machine to get logs from 4 firewalls, 2 IPSs and multiple Web/DB servers running Apache & mysql.What solution would you recommend for...