Network Security

We have a 5550 ASA firewall with no natting implemented at all EXCEPT for one ip address which is being statically NATTED (eg 10.1.1.120 to 192.1.150.120). Our ASDM shows an already existing natting for the entire internal network (10.1.0.0 /16) natt...

hican anybody help merecently purchased a pxi 506e which was running os 6.3 i upgraded the os to 7.05now i want to reinstall 6.3 so i can practice some site to site vpn configs the problem i have now is that i managed to get 6.3 into the firewalls fl...

hello folks!!! We have created an ACL to allow TCP and UDP port 53 to/from DMZ and Inside Network. When we use packet-tracer tool through ASDM to verify the connectivity from DMZ to inside interface UDP packet gets dropped. When we test the same port...

Hey guys - question for you all. I have asked TAC and was told that the ASA 5505 cant do multicasting, but im not sure thats the right answer. My setup seems simple (to me). I have a 5505 setup as a site to site vpn (split tunnel) to a asa 5520. We...

I have a new WinXP SP3 machine I am building and attempting to load the 4.6.00.0049 VPN client required by my office, but it hung up and stopped during the install (I killed the install after 1 hour stuck at 27% complete) and now it is in an endless ...

I have established a site to site vpn between 1841 route and PIX 515, the tunnel is up but I am not been able to access the PIX 515 side. I have checked most of the things on 1841 side as soon i generate traffic from my side the VPN tunnel gets up bu...

I do not have a Pix at the moment to test to I'll ask this question:R1---(i)Pix(o)---R2R1 is doing eBGP with MD5 authentication with R2. Pix is in routed mode.With Pix code 6.3.x, I have to do this:static (i,o) r1 r1 netmask 255.255.255.255 norandom...

How to see the live traffic on the PIX interfaces.whether we have to use tcpdump command as we use in Checkpoint or there are other command also to view live traffic.

Hi, Can anyone send a link of Cisco Security Manager Configuration document?Thanks.

If I create an IPSEC / 3DES tunnel between to sites where the both have a 1.5MB connection what is the effective size of the tunnel? 1.5MB - 8% = 1.38MB?

Have pair of ASA5550 firewalls linked as failover pair. Getting the above message in the logs every few mins. The 10.1.1.4 address is the inside interface. Does this message mean that there's a mismatch in the arp cache for this mac address (ie it ha...

hi fellowsas the title says, we have the ASA 5520 with the IPS module SSM-20 and the problem which i am facing is that on the ASDM In IPS main dashboard, the interface status showing that inside interface is Unpaired and outside interface is Manageme...

Hi All,I have ASA 5520 installed in network. This ASA is having SSM module with 4 gig ports.Can these ports on SSM module be utilized as normal interfaces of firwall? Is if , a saparate zone, for example DMZ1, can be introduce on the gig ports of SSM...

Dear Team,1.Why there is a need for setting SA lifetime.2.Whether SA will reset earlier if we have set an idle timeout for VPN tunnel.I mean if the VPN tunnel is idle for some amount of Time and if I have set the idletime out to be less than SA reset...