Network Security

I have an ASA firewall and I want to block the users to transfer files in the MSN instant messenger. I know there is a feature in Application Policy that should take care of it but it's not workint, I've set the IM inspection and set the File-transfe...

Does the Regex engine used by the IPS support lookahead syntax? I'm working on creating a custom signature using the TCP String engine that I want to fire if it both finds a given string, and does not find a second string. A negative lookahead seemed...

I am currently logging into the Pix 8.0(2) usingssh version 2. This is my test box:aaa authentication ssh console ABC LOCALaaa accounting ssh console ABCssh 0.0.0.0 0.0.0.0 outsidessh 0.0.0.0 0.0.0.0 insidessh timeout 60ssh version 2I want to only a...

Hi All,We are facing a peculiar issue with ASA. we have internet connectivity in the following combination. Internet router --> ASA firewall --> local LANWhen ever users are downloading huge file from internet, sitting behind ASA the download is not ...

I want users on the inside 192.168.1.0 to access any resource on the outside 10.15.0.0 and then allow selective users on 10.15.0.0 to access resources on 192.168.1.0. Is it possible to do it? Running config is as follows: ASA Version 7.2(3) !hostname...

Hi,I want to NAT an inside local subnet (172.1.0.0) to inside global (172.2.0.0) when going to 10.1.0.0 but I need the hosts to keep the same address after translation...how would I accomplish this?global (inside) 8 172.2.0.0-172.2.255.255 netmask 25...

Guys,Hope you can help. I am getting this errorJan 10 17:45:33 [IKEv1]: Group = 213.XXX.XXX.XXX, IP = 213.XXX.XXX.XXX, QM FSM error (P2 struct &0xd5c50928, mess id 0xc9d79d4e)!Jan 10 17:45:33 [IKEv1]: Group = 213.XXX.XXX.XXX, IP = 213.XXX.XXX.XXX, Re...

Hi ,I am runnnig 7.07 in pix 525 with the following problems :1.Cpu utilzation is extermely high. (52%)If I analyse the cpu profile will that incerase the utlization further?2.My pixes have failed and crash thread is fover_serial_rx and it is showing...

Hi folks, I am planning to implement NAC at my customer site, I have only one NAM and one NAS, the customer has WLC, IP Telephony, campus users and VPN customers.what is the best mode that can fit implementing the above four areas ? is it possible th...

I'm reviewing solutions for WIDS event monitoring & mgmt, geared around our deployment of over 2000 mini-WLSE units and 2 campus deployments of the WLC platform.I'm looking for an appropriate solution to receive WIDS traps/events from those sources, ...

I am currently running a Demo of the Cisco ASA 5540. My current problem is this:I am trying to allow access to our Citrix web interface via clientless SSL VPN. I publish an internal link to our Citrix server(s) on the Portal page and the link connect...

We are unable to deny ASA admin functions to users who have connected via VPN. In summary, any user that makes a remote VPN connection to our ASA is able to start up ASDM and/or the https java applet regardless of the privileges set. This, in our o...

How do I open port 3389?This is what I typed in, but it didn't work. static (inside,outside) tcp x.x.x.x 3389 192.168.3.2 3389 netmask 55.255.255.255 access-list outside_in permit tcp host any host x.x.x.x eq 3389”I don't know what to use for the ...