Network Security

hi,on the inside interface we have a access-list permitting tcp any any. the access-list name is inside..we have issues with some connections timing out in an hour. these connections are idle in the conn table of fwsm. how can we ensure the conn to a...

Hi,I am working on a real life scenario where I need to have NAC Appliance manages non-Cisco wireless network.I see In-Band solution is the only possible scenario to integrate non-Cisco wireless to Cisco NAC.I am looking for your opanion on the direc...

Hello,Anyone have any experience setting up a tunnel between a Cisco ASA 5500 and a Nortel Contivity 1600?Regards

Hi folks!I have an unusual task to reduce the number of signatures to deploy them to IOS router. The point is it is 871 router with only 128MB of RAM much of it is utilized and the router actually runs low on memory. I would like to minimize the numb...

I just installed CISCO ASA 5510 security plus in my network, I chose very simple configuration, DMZ security level 50Inside 100Outside 0Added some routes towards inside networkACL is in place to permit traffic from outside netw...

Okay,I have a device on dmz2 that the company apparently does nat for us. I've tried to exempt nat traffic, but it's not working. My dmz interface is 10.45.127.66, and they said that I can source from that address. I've thought about natting the conn...

All,I have a problem with 1 dmz and port translation:%ASA-3-305006: portmap translation creation failed for tcp src INSIDE:10.128.100.75/1577 dst DMZ2:1.1.2.1/23I'm using nat exemption, and the following line is in my config:access-list NONAT line 2 ...

I am trying to setup a 3640 to act as a VPN server. I can connect fine to the 3640 using the standard windows vpn client. However, I am not able to determing the remote gw over the tunnel. I have selected use gateway on remote network on the client s...

Hi, I need to create three V-LANS configured on Subinterfaces of FW which will be connected with L2 Switch and same V-LANS I will create on L2 Swicth. Should the connection between Switch and FW be in Trunk mode or if its not be in Trunk mode then ma...

I configured ping through ASA interfaces. But I have problem that max. ping packets through ASA are 992 Bytes (incl. header 1000 bytes). How can I increase the number of bytes passing through ?

Hi all,We have an ASA 5510. we tried to configure multiple security context on it, the command "mode" is not available.Do we need license to be able to configure security context or is it a problem of IOS version?Here is the IOS :Cisco Adaptive Secur...

Dear AllWe have a setup where two IDSM-2 modules are ether-channeled together in a single 6513 Chassis. There is an FWSM module also, which acts as the default gateway for all internal VLANs.Problem: IDSM show stat virtual-sensor command is showing t...

Hi, We have a pair of ASA 5520 as our commercial web portal perimeter firewall. Is it feasible to configure remote access VPN (for remote management) on the same set of firewalls or is it better to use a separate firewall for this purpose.Would there...

I have hundreds of IPSec tunnels terminating to (2) ASA 5540's running 8.0(4) code. All IPSec traffic seems to route properly. However recently a server was added to the same network as where the "outside" interface of the ASA's are located. IPSec...