Network Security

The problem we have is that the IPS is constantly at 100% CPU.This is how the network is connected:We have a 6500 on which we have a FWSM module and the default gateway for the FWSM (for internet) is on vlan 88.This 6500 is then trunked to another sw...

Hello, I have been given information on finding NAT translations from the CLI, but I was wondering how this can be done using ASDM.Also, when I do the xlat command in the CLI, why doesnt my PC's IP address show up even though I have made connections ...

I have several ports showing open on our ASA appliance when scanned by NMAP on the outside interface. However these ports are not configured open in the ACL that faces outside guarding against inbound traffic.The ports are 988, 993.Has anyone seen t...

I have some questions about "nat" "global" config and static mapping.If I have the following:interface 0/0nameif insidesecurity level 100interface 0/1nameif DMZ1security level 25interface 0/2nameif DMZ2security level 50interface 0/3nameif DMZ3securit...

We purchased the license upgrade for CS Mgr Enterprise Std-25 To Pro-50 Upgrade (CSMST-PR-U-3.2-K9) and I notice that this part number is specific to CSM v3.2, but in our end customer, the CSM's version is 3.1.1. I'd like to know if this license is c...

Hi,I'm trying to allow IPSec and L2TP VPN traffic through a IOS Zone Based Firewall. The router running the ZBF is NOT a vpn end point. It only needs to pass traffic from VPN clients behind the router to other remote routers.When I try to connect to ...

How do you physically install an ASA in transparent mode into a network? I know that the inside and outside interfaces have to be on the same network. My question is how does the firewall connect between users and servers when there is a switch tha...

I have 2811 with Advanced Security IOS 12.4.23Router is connected directly to internet. Users are translated with PAT to internet. When I enable ip inspection (ip inspect name my-ios-fw tcpip inspect name my-ios-fw udp)any file download from http slo...

I would like to know exactly what is the impact of changing the IP address of one of My ASA interfaces taking in mind that the ASA is configured for Security policies as well as Natting?

hi i have bought cisco CAS yet i didn't purchase the CAM ,is there any possibility for that CAS to work standalone in any for in any way

Hi all,How can i configure my ASA to authenticate only once to ACS. Cause i saw in my logs whenever i attempted to login to ADSM then ASA will authenticate with ACS a number of times.Thanks alot