Network Security

HiI am trying to get RADIUS traffic thru and FWSM.Inbound:interface Vlan817 nameif NetworkServices security-level 20 ip address 10.128.1.81 255.255.255.240 Outbound:interface Vlan777 nameif TestLDAP security-level 100 ip address 10.128.1.129 255.255....

I have a cisco pix 525 v6.3 with UR license (and another with an FO license). Currently they have 2 gig ints, and 6 Fa ints. Normally the sh ver shows me max physical int = 8 and max int = 12. But I want to make sure from you guys the following: ...

Dear All,I am working on a 515e with the following interfaces:nameif ethernet0 outside security0nameif ethernet1 inside security100nameif ethernet2 dmz security4nameif ethernet3 webside security6nameif ethernet4 backweb security8nameif ethernet5 bakw...

I have an ISS IPS that I would like to put inline in front of my FWSM. This should be straight forward, but I want to use transit VLANs instead of physical connections. My question is can this be done? If it can, how would I do it? I have accompl...

Can 192.168.2.11 connect to Terminal Server on Mapped IP?Please check the attachment!

I can't figure out how to configure NAT properly.I want incoming http requests on interface outside to be forwarded to host 192.168.3.2 on interface dmz. But everything gets denied. Is this a NAT problem or an ACL problem?The outside interface is 192...

Does anyone know how to trouble-shoot state condition false positives.I can't see to find in the logs what is doing this ?----------------------------------------Hosts in state condition Unprotected access detected

I want to have our 5510 detect when we are getting a dictionary attack on our FTP server. Do I need the IPS module in order to this or can this be done on the base unit as well?Thank you.

Hi All, We are trying to deploy IDSM2, which is acting in promiscous mode at this moment to act as inline ..We are understanding that, there are couple of methods by which we can deploy that,one by making interface pair config and other in vlan pair...

I am setting up 2 redundant 5520's in failover mode to replace a Checkpoint FW. The new ASA's have 4 Gig and 1 fast ehternet interfaces to use. I need to establish 2 DMZ's, 2 outside connections, and obviously 1 inside interface. Since one interfa...

I have to create a Poison Pill where CSA can essentially disable a system to the point that it is unusable and not recoverable. I know there are several rules that can possibly do this by themselves, but I was wondering what would be the most effecti...

I am using SDM for the first time to set up a 871 router. There is a predfined policy that just seems counter intuitive. It is found in the Firewall and ACL section and is called sdm-permit. It is applied from the out-zone to self. This is the con...