Network Security

I have an ASA5520 and am considering what I do when I start to reach capacity on the box.I have been told to look at clustering ASA's together, but all of the information I can find seems to refer only to additional VPN connections when using a clust...

I am trying to do a Pathping across my network from inside to an external address.I am foxed as to what I can do - it is the ASA that is blocking it.Ping and Tracert does not work either

Are NAT statements on the PIX processed in order of NAT ID?

I've got a slight problem with a site to site vpn setup between site A and site B and the ability to authenticate against an RSA SecurID appliance located at Site A if the user VPNs in to Site B.Basically, the setup is as follows:Site A:Cisco ASA 551...

I have a PIX in routed mode. I have another one exactly the same plus the serial failover cable. The problem is that in order to use Active/Standby configuration I need to use 2 IP per interface (Active and standby).Unfortunately my networks use real...

Swapping out a CheckPoint firewall for a new set of ASA's, running 8.0(3) and ASDM 6.1(1).One of the features that I'm trying to replicate with the crossgrade is HTTPS based direct network access authentication (or client auth in CheckPoint-speak)Wit...

Hi,This is a wierd request as it flies in the face of the purpose of vpn clients but I ahve my reasons:We don't like Split-T but we have a userbase on a customer site that require it. I have made a special profile for them but they tend to hand out t...

We have a webpage that uses java, and we are unable to make it work on web vpn on mac os. On the windows side, we added the following to the webvpn smart tunnel and it works: smart-tunnel list banner WebStart javaws.exe platform windows smart-tunnel ...

I just got a report from our security scan company that we failed our quarterly audit because:Category: Denial of ServiceTitle: spank.cSummary: Sends a TCP packet from a multicast addressDescription: Your machine answers to TCP packets that are comin...

Inbound emails are down. Outbound works.the ASA 5510 shows this in the log.Deny tcp src outside:209.252.33.110/38723 dst inside:63.243.80.11/25 by access-group "inside_access_out" [0x0, 0x0]One minute everything was ok then it stopped working.In the...

Equipment used WRVS4400NSettings using VPN passthrough, and then using the Singleport fowarding to a server running 2003 with VPN runningThe tunnells work flawlsley until I try to copy a 1 gig file. I get an error that says large packet not permitted

All,I have the following topology (attached), and I've got a question about the routing. If I have a static nat statement pointing to a DNS server on the DMZ, the routing table will show that it's a connected route. Can I use a floating static to acc...

Hi Guys,I have a bit of a problem where i have to configure an existing transparent 5520 asa to an active/active setup. Never done active/active before but i understand i have to create contexts etc. However Im not sure how this will work on transpar...

Hello,give it a solution, how i can configure, that a user connects to the SSL-Portal with a RSA Token (by SDI) - to preconfigure the SSL Group (Bookmarks). The User stays at ADS. I can't use LDAP because - the RSA Token.