Network Security

I have a security rule that prevents outbound SMTP connections from LAN IPs. This rule was inserted because it seems we have some infected PCs that are trying to send mail. Is there a way I can see what IPs are being denied the outbound SMTP so I c...

I updated our CSM installation from 3.1 version to the new 3.2.0. The installation finished without any problem, but now I'm not able to start the CSM Clients anymore. The new version just crashes with a java exception. I noticed in the help, that on...

Is there a way to export custom signatures from one IDS system to another. Either from the sensor, CDM or IDSM. Also is there a way to import Snort signatures and import them as Cisco sigsThis would be for IPS 4200 series devices

Apologies in advance if this comes off like a totally boneheaded question! :-)Our situation is that we currently have a PIX 501 firewall, and we're upgrading to an ASA 5505 because the PIX is getting a little long in the tooth and coming up on end-of...

Is there a way to configure the IPS 4240 to monitor traffic but not to block connections? We are currently evaluating the device but would prefer it to monitor rather than block any live traffic at this stage. We have configured an event action fil...

i have an ftp site setup that should be passing through my firewall but i am getting an error of no translation group. i do have Nat 0 allowing traffic between interface 1 and interface 2. I have attached a copy of my config

HelloWe have a FWSM in use with some 3.1.x software on it. The clients are authenticated via http AAA login box.We would love to switch to https instead of http.My tests have shown now that the https URL is always the one the client typed in into his...

I have to connect two offices using 1841 routers . I just have an issue both the sides are behind a single subnet and I have to do NATTING. The issue is how will be the router able to manage that which IP exist at which site. The same issue exist wit...

I currently have a pix 515E running version 6.3. I'm upgraging to version 7.2 but need to convert the following to 7.2 format. fixup protocol ftp 21fixup protocol h323 h225 1720fixup protocol h323 ras 1718-1719fixup protocol http 80fixup protocol ils...

On an Active/Active firewall configuration with Standby addresses configured what will happen if the Active interface goes down? In our setup the firewall did not fail over. But it did fail over for the interfaces which did not have an IP address con...

Hi,I have a web server in LAN (no DMZ used) but the access is very long. This message appears : Deny IP spoof from (217.128.x.84) to 217.128.x.84 on interface outside217.128.x.84 is my ISP IP.When I activate IP Spoof on Outside interface, I have the ...

Hello,I would like to create on a CE router a different QoS depending on 2 traffic types: web and the rest. The idea is to give to a less important application (the web) only 30% of the bandwidth.My problem is that, with the following configuration, ...