Network Security

Resolved! Windows domain access from DMZ

I have a web server in a DMZ. We can access web pages on the web server from the internal net and the web server can see a database server on the internal side. The web server can ping the DC, but windows authentication does not work. I need to be ab...

VPN's into ASA can't access the Internet

Hi,I have managed to get Cisco Client VPN's and a Site-to-Site office VPN (Cisco 877) onto my Cisco ASA and all working, until I issued the "no sysopt connection permit-vpn" command. This stops VPN traffic from being exempt from access-lists.I want ...

ASA routing configuration

Hi guys,Could anyone please help me out with the configuration to meet the following requirement?I have one MPLS link which is terminating on the MPLS router and from there I am connecting my ASA Firewall. My inside Network is 192.168.12.0/24. I have...

PIX506E Backup

up anyone know the cmd line to back up my pix to a tftp server...

ASA Failover

Our primary unit failed over yesterday stating communication failure, but I want to failback. I used the failover active command, but I'm assuming that is not going to work since failover seems to be 'off'.FW-IN01# sh failoverFailover OffFailover un...

Site-Site IOS behind NAT through ASA

I am trying to get isakmp/ipsec to work between two Cisco routers. One router has a static public IP, the other router is on a 1-1 NAT behind an ASA5510. The 5510 is using standard Fe0/0 for outside and Fe1/0 inside. I have allowed all of the neede...

Resolved! Recommended best practices for DMZ layout

We are laying out our new DMZ and wanted to know what is the recommended approach for setting up our web servers and database servers? Should the web servers (front-end) be placed in one DMZ and the database servers (backend) be placed in a seperate ...

Cisco ASA Microsoft(info) - Cisco-AV-Pair, multiple DACL

Hi I'm trying to add downloadable ACL's via a LDAP map. I have done a map between the info attribute in Microsoft ActiveDirectory and the Cisco-AV-Pair field.My problem is that when I add two lines in the configuration i recive an error in the ASA lo...

ASA Failover

Dear All ,I have two ASA's connected in a failover mode .The issue is that when the inside -switch 1 goes down active ASA (ASA-A ) is not coming to standby mode. On the active ASA , I have made the configuration to monitor both inside and outside ...

ASDM error

im trying to access the ASA 5520 and getting the attached error ? any clues ? . I can telnet to the ASA without any issue . before i was able to access to ASA from same PC without any issues

Largest Ping Size ?

Hi,Does the Pix have a setting as to what ICMP/Ping packets size it will permit to pass ? If so how is this configured ?Thanks

[ASA] Bandwidth reservation

I have a ASA5550 en would like that max 100 users with a bandwidth of max 4Mbit can setting up a VPN session. Is this possible and how can I configure this.I have already setup the max IPsec connections of 100 sessions.But I can't find out how I nee...

Resolved! IPS logging turning over every few hours??

For an initial install I have configured to log all attacker/victim pair packets investigating events in detail and not meant to be on all the time. It will be turned off to see if this reduces the amount of storage space that is being consumed so we...

Conversion tool?

Anyone know of a tool to convert a VPN 3030 configuration to run on an ASA 5520? Always hopeful.

PIX 506E VPN Cant Ping

Got a PIX 506E configured for VPN Client Access.VPN Client connects however cannot ping anything on the LAN.Confirmed config with other Cisco Docs and is okay. Please help

Network Security

Forum Posts

Resolved! Windows domain access from DMZ

VPN's into ASA can't access the Internet

ASA routing configuration

PIX506E Backup

ASA Failover

Site-Site IOS behind NAT through ASA

Resolved! Recommended best practices for DMZ layout

Cisco ASA Microsoft(info) - Cisco-AV-Pair, multiple DACL

ASA Failover

ASDM error

Largest Ping Size ?

[ASA] Bandwidth reservation

Resolved! IPS logging turning over every few hours??

Conversion tool?

PIX 506E VPN Cant Ping

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?