Network Security

DMZ - Cablevision static IP service

Hi,We purchased Cablevision static IP address and cablemodem service and want to install an external DNS server and an SMTP relay service for an internal Exchange server. The static IP service came with 5 public IP addresses and an 851 router that ca...

Help with ACLs on home 2600/Cable modem connection

Hi, I'm new to Cisco IOS and routers and have a basic 2600 router config that I am using on my home cablemodem connection and I was hoping I could get some recommendations or suggestions on anything more I should do to protect my network. I setup...

DMZ Setup

Hello,I am trying to get a DMZ setup on my ASA 5510. The only device that will reside in this DMZ is a VPN device that will be accessed both by my internal hosts and by an external vendor. I configured a dedicated interface on the ASA for this DMZ....

Failover pix upgrade

Am upgrading a production pair (failover pair) of Pix 525 to 6.3(5125) in next few days. (Also am rationalising exisiting rulebase). Any caveats on doing this upgrade with a failover pair? Thanks

asa 5510 security context

Would like to know the exact functionality of Security context in ASA.I need to create some 30-35 vlan on subinterface of the firewall.According to daga sheet ASA5510 with security plus licenses support only 25 Vlans.Is it the limit or something else...

Resolved! Turn off SSL on ASA possible?

hi,As far as I know I don't think I use SSL on my 5520 ASA, but how can I check?The thing is I have run a Qualys security scan against our ASA's Outside interface and I get 2 SSL vulnerabilities back.I can't work out how it's finding these and wheth...

equivalent commands on ver6.3 and 8.0

please correct my if I'm wrong with these old 6.3 command statements to a ver8.0Version 6.3conduit deny tcp any eq 1434 any conduit deny udp any eq 1434 any Version 8.0access-list outside deny tcp any any eq 1434access-list outside deny udp any any e...

CSA "don't ask me again" check box does not work

Hi all,I am trying to configure CSA When in learn mode I have checked "allow" and "don't ask me again" boxes.However everytime I start the application I am still prompted for user action. I notice that each time this process is started it gives me a ...

Resolved! AIP-SSM-20 Upgrade

Trying to upgrade an AIP-SSM-20.We have 2 ASA's in a failover configuration, the upgrade on the secondary AIP-SSM-20 was successful.On the primary AIP-SSM-20 we are getting the following error when trying to upgrade via FTP from the same server that ...

Remote Access VPN

Can you have both ssl vpn enabled and IPSEC on the same interface. I can not get the IPSEC client to configure

NAC-VLAN Mapping

Hi guys,I'm currently configuring NAC for my network. I have selected VGOOB deployment. I have 14 VLANs with IDs 21 through 34. My trusted servers are on VLAN 1. Do i need other 14 VLANs for authentication(i.e VLANs to map my access VLANs)? Each VLAN...

ASA multiple contexts

hi, why multiple contexts don't support VPN, and will it soon ?

Initial 5505 setup --L2L & local internet access

Hi, Last time i configured a firewall was a Pix520 (yes, a 520) so I understand a lot has changed. My goal is to setup an offsite with a 5505 that will go out over it's local cable for basic internet access, but for corporate access they will go ov...

Track VPN User Assigned IP Address

Folks I have a customer that has a requirement to track the IP Address a VPN user is assigned upon connecting to their ASA.I have looked at the 'logging list' and while that works by sending syslog messages it sends ipsec and ike which is a huge amou...

IDSM SPAN and filter on destination

GreetingsWhen I set up a SPAN session with a regular TP interface as a destination I am able to allow specific VLANs on the destination trunk port. This does not work for me when I try the same setup with the IDSM data port as the destination. Has an...

Network Security

Forum Posts

DMZ - Cablevision static IP service

Help with ACLs on home 2600/Cable modem connection

DMZ Setup

Failover pix upgrade

asa 5510 security context

Resolved! Turn off SSL on ASA possible?

equivalent commands on ver6.3 and 8.0

CSA "don't ask me again" check box does not work

Resolved! AIP-SSM-20 Upgrade

Remote Access VPN

NAC-VLAN Mapping

ASA multiple contexts

Initial 5505 setup --L2L & local internet access

Track VPN User Assigned IP Address

IDSM SPAN and filter on destination

Hearty congratulations to the December Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Firepower 7.2.1 - Issue with the FlexConfig Text object override

Re: FMC is disabled in System>Health>Monitor

Private VLAN's interaction with ESXi and firewall

Packets appearing in ASP DROP?

What is PID when we try to integrate with Cisco API's

MSS clamping IPSEC tunnel -ASA

vFMC setting with bugsssss

FMCv upgrade path from v7.1.0

FMC new local admin cannot console or SSH

FMC API - can not associate a prefilter policy to an access policy