If I am configuring an ASA to pass IPSEC vpn traffic, and I don't want to NAT anything traversing from the inside out, nor am I NATng anything coming in, should I be using NAT exemption vs Identity NAT?nat (inside) 0 0.0.0.0 0.0.0.0 oraccess-lis...
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(9) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(86) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,582) -
Cisco Bugs
(39) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(147) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,165) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(30) -
Cisco Secure Firewall Management Center (FMC)
(131) -
Cisco Secure Firewall Threat Defense (FTD)
(162) -
Cisco Security Cloud Control
(8) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(19) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(263) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(32) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,576) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(322) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(93) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,580) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,777) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(8) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(641) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(25) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
I have following firewall:Firewall Service Module 3.2 for 6500 and 7600, 2 free VFWsIt shows that I can create two Virtual Context. Would it include the admin context or not? If not then can I create three individual firewall?
Hello, I have clients that connect to pix with a Cisco vpn client.And I reach to change the pix with another product; first I want to know if there is any difference in security between SSL and IPSEC? How to choose the most efficient solution?Is ther...
anyone know how I can set-up manual dhcp bindings on an asa 5510?
Hi,I'm trying to write some specific ICMP rules but finding it very difficult and don't understand where I'm going wrong.I have the following rule with my access-listaccess-list INSIDE-ACL extended permit icmp host 10.101.133.20 10.101.196.0 255.255....
I know this is possible with ASA and VPN3000, but I am having trouble getting it working with IOS SSL.User SSL's to the ISR Router (2821 Ver 12.4.20T), Authenticates and creates a Tunneled Connection. Connectivity to the Internal LAN has been verifie...
I have a webserver that that has a portmapping from the outside x.x.x.x port 80 to a dmz address y.y.y.y port 82. Works fine. I want to have the outside x.x.x.x port 80 mapped also to a dmz address v.v.v.v port 83 when x.x.x.x is taken down to displa...
Hi, all,I have a simple yet weird problem I could not explain. Corp VPN gateway is ASA5520 running 7.2 code, branch VPN gateway is ASA 5505 running 8.0 code, I created a simple L2L IPsec between the two to protect communications between HQ subnet (10...
Hope you can helpI have a ASA 5520 and was testing vpn configuration using the packet tracer in asdm. Due to a typo I simiuated a land attack (ie same source and destination address). The ASA then blocked connections to some ip addresses (other servi...
Hi,I have transparent multiple context setup on FWSM. all are fine. What I'm trying to do is, I want context A be able to talk to context B and vice versa but not to context C. Any idea?ContextAContextBContextC
Hi,I migrated remote users from the MS PPTP to Cisco VPN Client 3 months ago. Since then, Remote users are getting "dead air" calls when they dial each other's extension. When remote users dial someone's extension at the company's 12 locations, every...
Good night guys,I configurated two ASA and the vpn didnt work, what is wrong?Here is the vpn configuration and the resultscrypto isakmp policy 10 hash md5crypto isakmp policy 10 authentication pre-sharecrypto isakmp enable outsidecrypto map mymap 10 ...
I have ha profiler running with ha cas (v4.5)and ha cam. I am seeing only 2 profiles when I look at the profiles. I only see APC UPS and Unknown. Does anyone have any ideas on why I am not seeing any other profiles? I am using an IP Phone to test...
Hi ALL,I have a quick & silly question.My switch has the IOS (tm) s72033_rp Software (s72033_rp-IPSERVICES_WAN-M), Version 12.2(18)SXF11, RELEASE SOFTWARE (fc1)and ROM: System Bootstrap, Version 12.2(14r)S9, RELEASE SOFTWARE (fc1)Will this be compati...
hi,is there a default value for tcp connection time out on ASA? I have turned off tcp timeout on my ASA, but I still have stiration the idle connection between client and server (2h idle) are droped (oracle server send ACK with RST flag)
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 12-15-2025 09:32 PM | ||
| 12-11-2025 07:27 AM | ||
| 11-13-2025 12:52 PM | ||
| 11-03-2025 09:48 AM | ||
| 10-30-2025 12:44 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |
