Network Security

Resolved! Remote access vpn in ASA 5505

Hi,we have Lan-to-lan VPN from our office to head office in US. we have servers in US located in DMZ ie database & webhosting, we have enabled remote access VPN also for our client who want to access these servers when they connected to remote access...

NAC Guest Server and WLC 2006

Hi. I got some problem when integrating NAC Guest Server v1.1.1 with Wireless LAN Controller 2006 v4.2.112.0. I want the NAC Guest Server to act as RADIUS Server when using WLC's Web Authentication. WLC and NAC are in the same subnet:Configuration as...

Site-to-site VPN trouble

Hey!I'm having some trouble with a site-to-site VPN:The two external ip addresses, 10.10.10.1 and 10.10.10.2, can ping each other. But I can't seems to get the inside LANs (192.168.1.0 and 192.168.100.0) to find each other thru the tunnel.Have miscon...

Resolved! subinterfaces

Can someone verify the premise behind subinterfaces/vlans on an ASA? I'm a little confused. On a router, a subinterface or secondary interface is a logical interface using a hardware interface. No switch required. But now as I understand subinter...

IPS with HTTPS traffic

Hi,Is there a way, if I have the private key for an SSL certificate , that I can load this into the ASA with an AIP SSM module and be able to see if there attacks over SSL to one of my web servers?Thanks,Brantley

More SMTP errors after installing new ASA

Hello,I installed a new ASA5510 in place of our old PIX515E last Thursday night. Since then, our GroupWise server has been showing a significantly higher level of deferred email. The logs are full of messages similar to the excepts I've pasted belo...

PIX 525 management

Hi I have a Cisco PIX525 and i'd like to know how I can monitor the output information of the "sh service-policy" command trough SNMP (instead of CLI) including the number of sessions established through an interface. Is this possible? If yes, how?

Resolved! CSA and ISS System Scanner

I am running CSA 5.1 and ISS System Scanner agent[Assuria Adutior 4.2]. CSA seems to stop the agent from listening for the ISS consoles calls. when CSA is remove the agent functions correctly. CSA will stop sysscan process even in test mode. If anyon...

ASA 5505 vpn-idle-session timeout (newbie)

I am having issues with an ASA 5505 not timing out after setting the vpn-idle-session time-out command. I tried setting the value to 2 minutes, but the connection remains intact. I need it so that the session to timeout after 30 min of no user acti...

Urgent: CSA 6.0

does the CSA 6.0 released or not yetbecause it was supposed to be released at may 2008 is there .msi package available for CSA

activex/java

Is there a way to block activex and java using the ASA? I would need to block all activex/java with the exception of a few requested sites, is that possible?

PIX 501 reboots in loop

Hi,My Firewall PIX 501 doesn't stop rebooting in loop. I can't access to the running configuration just in rom monitor.Please find attached the log. An internal error occurred. Specifically, a rrogramming assertion wasviolated. Copy the error messa...

Mapping an outside address to an inside address

Hi all,im getting a problem mapping address on ASA.I have a outside host (host-A) (10.10.10.2) on same switch that outside ASA interface (10.10.10.1) is plugged. And I have another host (host-B) on DMZ (172.16.2.2). I wanna map the outside address 10...

static NAT, to non-connected subnet

I'm using a PIX 515E with version 7.0, connected on the outside to the Internet, and on the inside to a router, both with IPs in the 192.168.3.0/24 subnet. "Behind" the router is a 192.168.1.0/24 subnet. I want to configure static NAT entries on the ...

Cisco IOS VRRP ip cannot act as EasyVPN server

Hi,I've recently installed two 2801 routers and tried to get VRRP working with my EasyVPN server. However this keeps on failing :(I can connect using the Cisco VPN client to either of the two routers, but as soon as I enable VRRP and connect to the V...

Network Security

Forum Posts

Resolved! Remote access vpn in ASA 5505

NAC Guest Server and WLC 2006

Site-to-site VPN trouble

Resolved! subinterfaces

IPS with HTTPS traffic

More SMTP errors after installing new ASA

PIX 525 management

Resolved! CSA and ISS System Scanner

ASA 5505 vpn-idle-session timeout (newbie)

Urgent: CSA 6.0

activex/java

PIX 501 reboots in loop

Mapping an outside address to an inside address

static NAT, to non-connected subnet

Cisco IOS VRRP ip cannot act as EasyVPN server

Cisco FTD/FMC IPsec Tunnels: “Up” Doesn’t Always Mean Working

Cyber Vision Sensor version

FTD 7.2.5.1 → 7.6.2 Upgrade sftunnel TLS Failure — Certificate Mismatc

Suppress Closed Responses on Non Existent TCP/UDP Ports

FMC Upgrade to > 7.4 || 7.6

How does BGP flowspec work

FTD to AWS VPN gateway IKEv2 phase 1 lifetime mismatch

IPs needs to excluded from protected network Site to Site VPN on FTD

FTD HA Pair - Config Sync Status: What does "Sync Skipped" mean?

FTD Route Based VPN question