Network Security

Firewall Migration Tool v7.0.0.1 now live!

Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...

Resolved! DFM device discovery issue "Devices stuck in Questioned state"

HiWe have LMS 3.0.1 installed with DFM 3.0.4 The devices are showing Questioned with Error code "SNMP timeout" with no specific reason. The snmpwalk is coming for the device as I checked with snmpwalk command. The only device discovered as"known" has...

priority Queue on ASA 5510: not working

Hi, I am not able to insert the following command to enable prioriry queue.Firewall(config)# priority-queue ?configure mode commands/options:Current available interface(s):Firewall(config)# priority-queueSecondly, I have a site to site VPN on ASA 551...

Resolved! Internal NAT'ing - Security Recommendation

Is it recommended to use NAT between servers on different layers divided by the internal firewall. For e.g. a segment of firewall is connected to web servers and another segment to DB servers. Is there any advantage of NAT'ing the destination server ...

problem of random links to display my portal Webvpn

Hello All...I have a problem on my web portal webvpn configured on a Cisco 2800 routerThe links on the page after the user authentication appears randomly. Have you a track?Thank you

troubleshooting site to site vpns

hi,is there a way to troubleshoot slowliness while transfering files between 2 pcs through a site to site cisco asa vpn ?what commands or methodology should we use to see what could be causing the problem .regards

IPS Attack Testing

I have configured AIP-SSM 10 in ASA but customer wants to see that how IPS is protecting from attacks ???Please suggest any dummy attack & where can I see how IPS is protecting the network against that dummy attack.Your quick response will bt apprici...

LAN-to-LAN SSL VPN

It is possible to configure a LAN2LAN VPN using SSL between two ASA5505? If not is there any Cisco platform which would support this service?

ASA 5510 Mailserver DMZ

Hi, I'm on the way to change from pix to asa.I've a little problem to connect from Internet to the Mailserver in the dmz.What do I wrong ?The config:ASA Version 7.0(8)!hostname gatewaydomain-name test.deenable password xxxxxxx encryptedpasswd xxxxxxx...

IPS VLAN Groups

Can any one point me to a decent configuration example and explaination on why VLAN Groups would be deployed on an IPS 4200 sensor. I cannot find an example anywhere.

FWSM - recurring error from standby module

Hi. Hopefully this problem will sound familiar to somebody here.First off, I have a pair of FWSMs configured for active/standby in a 6509 chassis. The FWSMs are running 3.1(1) and my redundant SUP720's are runnning IOS 12.2(18)SXF3.Exactly every 5 ...

FWSM --- Running Activation Key

Hi Guys,I am wonder to see the Show Version inside my FWSM showing the running Activation Key,Running Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000I just want to know the reason that why it is showing like this,Another message is,"The R...

Best place to NAT - Internet Router or ASA

Greetings All,We are planning on revamping our internet connection to a DS3. This will require an upgrade in our internet facing router (currently 3662). We have purchased a 3845 ISR with NM-T3/E3. Currently our NATing is done on the internet faci...

how asa handle ip address conflicts with vpn's ip local pool

Hi!I wonder how asa handle ip address conflicts with vpn's ip local pool.I can't find anything regarding that topic?Steve

Problems with dmz-outside (nat)..on context

Hi:Having problems trying to publish a webpage, the webserver 10.10.0.2 (on dmz), has the 1.1.1.170 (internet address).can anyone help me? [b]please see the configuration:[/b] enable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encrypte...

NAC/Wireless Design

Hi!Looking for some input on some design options for NAC with a wireless deployment since OOB and IB are now both options.In a campus environment of up to 300 wireless users, in-band seems good so that we can have one SSID, but restrict a user login ...

Network Security

Forum Posts

Firewall Migration Tool v7.0.0.1 now live!

Resolved! DFM device discovery issue "Devices stuck in Questioned state"

priority Queue on ASA 5510: not working

Resolved! Internal NAT'ing - Security Recommendation

problem of random links to display my portal Webvpn

troubleshooting site to site vpns

IPS Attack Testing

LAN-to-LAN SSL VPN

ASA 5510 Mailserver DMZ

IPS VLAN Groups

FWSM - recurring error from standby module

FWSM --- Running Activation Key

Best place to NAT - Internet Router or ASA

how asa handle ip address conflicts with vpn's ip local pool

Problems with dmz-outside (nat)..on context

NAC/Wireless Design

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

Ansible with FTD_FMC 7.6

Cisco FTD workaround for SSE connector failure stumbled on rights priv

Assigning an EtherChannel Subinterface to an Instance via FMC API

FirePower onboarding to FMC first policy deployment failure

Questions around Dynamic Attributes Connector - FMC integrated

FTD not backing up config to remote server

Factory-reset FTD 1120 "application installation failed. Launching.."

IPSec VPN between C.2811 and Firepower with only Real IP addresses