Network Security

ICMP traffic through ASA 5505

Hi,I've got a default setup (with DMZ) from the ASA 5505. How can i allow ICMP traffic from inside to outside without messing up the default settings (allow all from high to low security)ThanksRemco (newbie :)

MARS and Symantec Endpoint Protection (SAV 11.x)

MARS uses AMS to retrieve/parse messages from older versions of Symantec Antivirus. AMS doesn't exist in the newest version (aka Symantec Endpoint Protection). Is there a way to integrate SEP messages into MARS? If not, does anyone know if Cisco h...

PIX to ASA conversion / DNS problems

I'm migrating from a PIX 525 to ASA 5520 failover pair. Both firewalls are at 7.0.7 code. At cutover time, configuration commands were copied from PIX to ASA with adjustments made to interface names, as well as speed / duplex of interfaces to keep ...

Policing not working

i want to implement LLQ for my users. I want that when specific user try to access specific subnets it getsonly 8 KBps. I have cisco router 2821 with two FE ports.I have made the following configuration but still not able to restrict the user to 8 KB...

Resolved! Can you create a client VPN access without requiring username/password?

My vendor wants me to create a client VPN access for them in my ASA to only use groupname/password without being prompted username/password because they have a automated script that runs at night. Can change do I need to made?ASA 7(2)1interface ether...

IPS Help

Hi,I am a starter as far as IPS is concerned. Can anybody refer some documents for basic concepts and configuration of IPS.Thank in advance.Regards,Asim

exclude destination address from sig

New to Cisco IPS.... I wish to EXCLUDE a single destination IP address from a signature -- have the sig fire it it trips for all BUT one IP address (which is a confirmed false positive). The sig name is BO2K-UDP. want to have it ignore events for a s...

Resolved! ASA 5520 - Removing the Passive Unit from Active/Passive

Hello,I would like to remove my passive unit from my current active/passive setup. Other than just unplugging the FOLink and turning off the unit is there a safe method of removing it from the pair? Keep in mind this is a production firewall housing ...

SYN flood attack log In CSA MC

I got an SYN flood attack log in CSA MCCSA log: TESTMODE: A potential SYN Flood attack has been detected. This may also indicate a possible routing problem. Reason: The TCP Listen Queue is full using interface Wired\HP NC7781 Gigabit Server Adapter #...

Can you create a limited client VPN access?

My vendor wants to use client VPN to access my network but I want to limit them to access one IP 192.168.1.1 using port 443. What change do I need to made?Here is the short version of config.interface ethernet0 ip address 10.10.4.200 255.255.0.0 name...

Resolved! captive portal

Hi, does the ASA 5505 include a captive portal? If not, what is Cisco's recommended solution for implementing a captive portal? I'm betting it's not m0n0wall.Thanks,Mike

NAT

Hi,I need an explanation of the key word "extendable" in the nat configuration.have you an idea

Resolved! FWSM - telnet/ssh access

I have added a new FWSM in a 6509 distribution box. Here is how it is conenctedAccess switch -> 6509 FWSM -> MSFC -> Core -> My PC networkconfig on the FWSM:interface Vlan850 nameif inside security-level 100 ip address 10.50.100.1 255.255.255.0!inter...

check the traceroute for public network

Dear friends, I have Pix firewall 515E with 6.1 IOS now i want check trace route form my firewall to public networkBut i did not find any command for that Thanks in advanceThanking You Deepak Parmar

implement a ASA VPN soloution that is integrated with Active Directory?

How do implement a Cisco ASA VPN soloution that is integrated with Active Directory?I currently have an ASA and would need my remote vpn clients to be authenticated by my Active Directory domain (domain.local).Can somebody provide me with a sample co...

Network Security

Forum Posts

ICMP traffic through ASA 5505

MARS and Symantec Endpoint Protection (SAV 11.x)

PIX to ASA conversion / DNS problems

Policing not working

Resolved! Can you create a client VPN access without requiring username/password?

IPS Help

exclude destination address from sig

Resolved! ASA 5520 - Removing the Passive Unit from Active/Passive

SYN flood attack log In CSA MC

Can you create a limited client VPN access?

Resolved! captive portal

NAT

Resolved! FWSM - telnet/ssh access

check the traceroute for public network

implement a ASA VPN soloution that is integrated with Active Directory?

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Anyone from a MSSP using Cisco Defense Orchestrator?

Error in connection to Certificate Authority: status = FAIL

Firewall Migration Tool v7.0.0.1 now live!

Anti-Malware Application condition CS

Disable IPS on Firepower 4120 for PSN/PCI Scans

ASA 1010 BGP SNMP OIDs

Firepower 1120 FTD Setup

Captive Portal doesn't work in FMC

Cisco ASA uninstalling SFR module

How to rebuild the /etc/sf/sftunnel.conf