Network Security

Hello!I have problem with configuring AIP-SSM for ASA 5520.I have configured ASA and AIP as in the configuration guide. When I scan (made atack) the network, I see on the aip module (show events alert) information about attacks. But it doesn't work a...

Hi,We have just made two tunnels with 65.205.4.34 and 196.44.242.50 and its activated but we have created access list to exempt the traffic but seems it's some missing or wrong in the configuration. We want to exempt only 172.17.80.247 machine from b...

I have an L2L ipsec tunnel between two of our production environments. On one device, Fortigate, we have our main network where my workstation resides. On the other device, ASA 5505, is where I am trying to (via the CLI) tftp to my workstation (run...

Hello we have upgraded the version 6.3.5 to 7.2 (3) on a PIX 525 .Our client has got a 1000 user network and report problem of internet download latency that increase about 200 % . example: a 100 Mbyte file take 5 minutes before the upgrade . Now ta...

Hi all I created today a new transparent context on my FWSM (3.2(6)) which is in a 6509 with IOS in the slot 9. Here my configuration: firewall multiple-vlan-interfaces firewall module 9 vlan-group 1, firewall vlan-group 1 30,[others-removed]1030 ! v...

Hi,I am totally new to using/upgradation of NAM. Switch-1 : NAM application image version: 3.4(1a)Maintenance image version: 2.1(3)NAM Daughter Card Micro code version: 1.34.1.27 (NAM)BIOS Version: 4.0-Rel 6.0.9Installed patches:No patches are insta...

Hi there,how would go about setting up access to a server on the dmz from the inside, not by using "nonat" (ie nat 0 or a static with same IP), but by accessing the server with an IP from the inside LAN ?Thanks in advance.

We wish to include the following address space in the vpn's "interesting traffic"192.168.16.0/24 - 192.168.254.0/24and exclude192.168.0.0./24 - 192.168.15.0/24What is the correct acl -- ip and wild card mask? e.g. 192.168.16.0 0.0.15.255, which isn'...

How to log session when password recovery is done on idsm

Hey guys,I just purchased the CSM 3.2 enterprise. We currently have the 5 device license. I was wondering, does the software that I got from cisco capable of being a completely new install or is it just an "upgrade" package. I was thinking about buil...

I've moved a dial-in PPTP config from a PIX to a IOS router, but I cannot find the equivalent IOS commands for the PIX config:vpdn group 1 client configuration dns x.x.x.xandvpdn group 1 client configuration wins x.x.x.xAnybody know what the equivale...

I have CSM 3.1 currently running on a server. I have installed CSM 3.2.1 on a new server. How do I move the IPS devices from the 3.1 server to the 3.2.1 server? Discovering the devices on network fails.

FYI..Does anyone know what needs to be passed thru the ASA firewall to allow access for people with iPhones? TIA, Gary