Network Security

ASA - reconfiguring interfaces help

Hi,I have a trunk port on one interface, with 2 sub-interfaces. I am actually decomissioning one of the vlans, so I would like to remove the sub-interfaces and make it a regular interface with the remaining vlan.Setup as follows:interface GigabitEthe...

Allowing Pings on a NAT Global

I want to allow pings to and from a NAT Global public IP on an ASA running 8.0(4) code. Here is the config:access-list acl_outside extended permit icmp any any echo access-list acl_outside extended permit icmp any any echo-reply access-list acl_outs...

trying to configure router as vpn client

I have two cisco routers, both are 2651XM's. One is configured as a vpn server and it works fine (client PC's can connect from remote locations) and I'm trying to get the other router to connect to it remotely as a client but I'm stuck.I used the SDM...

dhcp relay and nat

Good Day,Is there a way to configure dhcp relay with nat? I have a client connected behind an ASA 5550 configured for dhcp relay on the outside. The asa is connected to a test router with helper addresses pointing to the dhcp server.Using ethereal, I...

Resolved! NAT incoming VPN Tunnel

I have a new vpn tunnel that I would like to NAT to the internal network address space. The new tunnel is coming from 172.31.17.0 and the existing LAN on the ASA is 172.31.16.0 Is there a good solution to make the incoming tunnel hav a source addre...

access remote Peer application through WebVPN

Site A <-> Site BHi AllI setup a IPSec VPN tunnel between 2 Site (A,B) with ASA 8.02. I also setup WebVPN in Site A ASA. I access all services in Site A through WebVPN.1. Now, I have other web application in Site B, Can I access this web applicatopn ...

CSA : what are the port used

Hi,I'm trying a lab about CSA.In the LAN, there is policy with the firewall.So I want to know what are the port used bye the CSA MC and agent. (From MC to Agent and from Agent to MC.Is there any link to more document ?Best regards

CSA 6.0 - Trying to diagnose RULE_RESUBMIT_LIMIT_EXCEEDED message

We are running CSA 6.0 and received a "The rule request has been submitted to the Rule Engine the maximum number of times. This request is no longer blockable, and the default action will be taken" message in the log. I am having trouble making sens...

Resolved! PIX Backup Image in Flash

Can anyone tell me the boot behavior of the PIX when it comes to recovering from a corrupt/invalid image in flash?Example: In flash I have 2 images:image1.binimage2.binWhat (if possible) are my options to have 2 images and a boot sequence so it tries...

Resolved! PIX 515 Memory type

Hi there,I read that the PIX 515E uses PC100 SDRAM... does anyone know if the older PIX 515 uses the same kind of memory? If not, what type of memory does the PIX 515 use?Thanks,-Brandon

Using Domain Names in Access-lists

Hi.I've been trying a few ways but is there any way to accomplish:access-list INBOUND deny ip any host www.google.com???This has been bugging me for awhile. If DNS is enabled on the FW, shouldn't this work?Thanks!

Resolved! connecting to IPS with ASDM

I am doing ASA5510 with IPS, initial setup. I can access ASA from ASDM. But when I click the IPS tab in ASDM, it will retrieve the management IP of the IPS, but finally says "unable to connect". I tried even chaning management IP using CLI, still no...

Pix 501 DMZ

Can I config DMZ for pix 501? I'm new to firewall and thanks for your respond

NAT exempt question

Hello,I have two sites interconnected by MPLS. Each site has an ASA and is connected to the internet. I'm trying to setup failover for internet connectivity and when on one site the ISP connection is down to route the internet traffic into MPLS and t...