Hi there,could u give me some advise for the following issue:nat (dmz) 13 access-list nat-dmzglobal (internet) 13 194.x.x.xaccess-list nat-dmz permit tcp host 10.88.x.x gt 1023 any--> a normal policy Nat statementand I also have a static:static (dmz,...
Hi, being new to the concept of correlation and deep packet inspection, i have few design related (to CS-MARS) questions.- How isthe incident analyzed? I have only 1 incident "Inactive CS-MARS reporting device".. What does this mean, and how to go th...
I have a Linux host behind a Pix515. Everything behind the Pix is PATed to thePix outside interface:nat (inside) 1 0 0global (outside) 1 interfaceI have a Solaris 9 on the Internet. I have a 100Mbps connection to the Internetvia the Pix.When I perf...
I would like if possible to configure this scenerio.I have remote sites with PIX 506 s connecting to a cisco 2801 router with VPN AIM. This is working correctly. Now i have also a second 2801 for redundancy purposes. If i set the pix up with a secon...
I believe there is a default 30 min TCP idle session timeout attached with every TCP service. There are features in other firewalls to increase this timeout or set it to None. Can we do the same in PIX/FWSM also.Could you help me with commands to ver...
My ASA 5510 is intermittently denying access form my ISP's mail server to our internal SMTP gatway.The acl applied to the outside interface of the firewall allows tcp any any to the smtp server on port 25. There is no access-list applied to inside in...
Hi, I have 1- Firewall configure with outside IP 201.100.100.12- Router 1 with loop back 10.1.1.1 (inside network)3- Router 2 with loop back 10.2.2.2 (inside network)I configure the following on ASA Static (inside,outside) tcp 201.100.100.1 1100 10.1...
Hi Guys,I have 2 525s and they are doing failover.This is my first affair with pix failovers so I want to know if I can get the running config of the stand-by PIX from the active one?thanks
Hi,I'm trying to figure something out.When I Enable Logging on ASA or PIX, what does it log exactly by default?Does it log traffic of Permit Rules or just traffic of Deny Rules? (this is when default is selected in logging options in the rule itself)...
A remote client tried legitmately to 3 way handshake a TCP connection through our firwall and instead of going into UP state, the TCP connection failed, with the Pix "Show conn" flags showing "SaA" on the client side and "SaAB" flags on the server si...
Hi!!!I have 6 4500 switches as area/distribution switches that are connected with core (6500) with IP (L3 mode). OSPF is running across the network. FWSM module is installed into 6500 switches where Server VLAN is also created.I want all traffic to s...
Dear sir,We r facing a strange problem we have vpn servers in us and we have aacese different sites through vpn .Here we have cisco ASA-5510 i configure the firewall internet is working fine and i am able to connect vpn But iam not able to browse som...
