Network Security

Inside to DMZ static nat for host

I have just a general question about the routing on firewall interfaces.If I have a firewall inside interface 10.1.1.1And my DMZ is 192.168.1.1Say I have a host in the DMZ 192.168.1.100.My workstation is 10.1.1.100 and I am using the firewall inside ...

PIX Version

Looking to upgrade my pix version from 6.3.3 to 6.3.5 anyone know where the download file is and how i can apply it?

3140 NAC

New install of 3140. I already have CAM setup and now setting up CAS in OOB VG. Just want to make sure as cco doc statest E0 is trusted and E1 is non-trusted. However, 3140 has physical E1 and E2 interface. 1. Can I assume that physical E1 is actuall...

FTP from behind ASA 8.03 problem

From behind an ASA 5510 with 8.0.3 running, I can't establish and FTP connection to any server, either active or passive. It seems to die at getting the directory list. It can connect and verify username and password, then just sits for a minute then...

Resolved! What DOESN'T 'permit IP any any' allow?

A service provider customer wants to install a pair of fail-over multi-context firewalls in the least disruptive configuration (permit ip any any, inbound and outbound). Over time and according to a multi-phased plan, they will tighten the filtering,...

ASA - PPPoE session idle timeout ?

Hello,I use 5505 as PPPoE client in small office and everything works fine during weekdays,people browsing and accessing remote VPN from outside.Some time at mid-weekend ASA becomes not accessible for VPN/ping/ASDM,I assume that PPPoE session expires...

Resolved! Windows domain access from DMZ

I have a web server in a DMZ. We can access web pages on the web server from the internal net and the web server can see a database server on the internal side. The web server can ping the DC, but windows authentication does not work. I need to be ab...

VPN's into ASA can't access the Internet

Hi,I have managed to get Cisco Client VPN's and a Site-to-Site office VPN (Cisco 877) onto my Cisco ASA and all working, until I issued the "no sysopt connection permit-vpn" command. This stops VPN traffic from being exempt from access-lists.I want ...

ASA routing configuration

Hi guys,Could anyone please help me out with the configuration to meet the following requirement?I have one MPLS link which is terminating on the MPLS router and from there I am connecting my ASA Firewall. My inside Network is 192.168.12.0/24. I have...

PIX506E Backup

up anyone know the cmd line to back up my pix to a tftp server...

ASA Failover

Our primary unit failed over yesterday stating communication failure, but I want to failback. I used the failover active command, but I'm assuming that is not going to work since failover seems to be 'off'.FW-IN01# sh failoverFailover OffFailover un...

Site-Site IOS behind NAT through ASA

I am trying to get isakmp/ipsec to work between two Cisco routers. One router has a static public IP, the other router is on a 1-1 NAT behind an ASA5510. The 5510 is using standard Fe0/0 for outside and Fe1/0 inside. I have allowed all of the neede...

Resolved! Recommended best practices for DMZ layout

We are laying out our new DMZ and wanted to know what is the recommended approach for setting up our web servers and database servers? Should the web servers (front-end) be placed in one DMZ and the database servers (backend) be placed in a seperate ...

Cisco ASA Microsoft(info) - Cisco-AV-Pair, multiple DACL

Hi I'm trying to add downloadable ACL's via a LDAP map. I have done a map between the info attribute in Microsoft ActiveDirectory and the Cisco-AV-Pair field.My problem is that when I add two lines in the configuration i recive an error in the ASA lo...

ASA Failover

Dear All ,I have two ASA's connected in a failover mode .The issue is that when the inside -switch 1 goes down active ASA (ASA-A ) is not coming to standby mode. On the active ASA , I have made the configuration to monitor both inside and outside ...

Network Security

Forum Posts

Inside to DMZ static nat for host

PIX Version

3140 NAC

FTP from behind ASA 8.03 problem

Resolved! What DOESN'T 'permit IP any any' allow?

ASA - PPPoE session idle timeout ?

Resolved! Windows domain access from DMZ

VPN's into ASA can't access the Internet

ASA routing configuration

PIX506E Backup

ASA Failover

Site-Site IOS behind NAT through ASA

Resolved! Recommended best practices for DMZ layout

Cisco ASA Microsoft(info) - Cisco-AV-Pair, multiple DACL

ASA Failover

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Securing SSH, TLS, VPNs on Cisco IOS ISR

Announcing the releae of Firewall Migration Tool Version 7.7.0.1

SNMP MIB oid to find the logical device information (FTD instances)

Cisco Firepower FTD with secure FMC : VXLAN

FTD PAYG licensing in AWS to enable AES256 Encryption

FTD Reference Bandwidth

How to fix vulnerability CVE 2025-20197 thru 20201

Secure Client can no longer access servers in our Data Center

Using custom feed for block IP on ASA 9.14