Hi We run PIX525 ver 7.01 and get following error when traffic from inside to dmz:2007-04-17 20:31:56 UTC Local0.Info 192.168.252.1 Apr 17 2007 04:08:23 : %PIX-6-106015: Deny TCP (no connection) from 192.168.1.x/443 to 192.168.0...
I got a Tivo for Christmas and I'm trying to open the appropriate ports on my PIX 501 to allow it to communicate with the Tivo service. The Tivo knowlege base says I need to open these ports for inbound and outboud access: - TCP 37,2190,4430, 7287-...
i am using and asa5520 with ios 7.2(3). I have assigned all interfaces into security level 0. I have configured access lists to permit traffic through the interfaces but all traffic is denied. when i allow traffic between interfaces with the same sec...
Does anyone use CSA for desktop lockdown or is it too cumbersome for that task and 3rd party products are being used with it? I just want some essential user lock down capability: limit access to control panels, restrict USB, control network settings...
Hello, I am using an ASA 5540 VPN edition to terminate VPN connections from software clients and PIX/ASA boxes using EasyVPN (in network extension mode). I am trying to get the PIX/ASA remote networks and the VPN Clients to talk to each other (they ...
Objective: Provide site-2-site VPN, remote access VPN and protect servers farm.Which is a better design? I feel muchmore comfortable having the VPN concentrator being protected by the firewall; however, at the same time,both encrypted and decrypted...
I want to buy a AIP-ssm IPS for ASA 5510. Can I block msn ? Can I say this IP can use MSN but these are not ? is that possible ? I know that there is no user based configuration on IPS but is there a way to do that with IP ?
Hello Dear guysI have a cisco nac solution (OOB)i want to user role base vlan taggingbut when i want to integrate active-directory users to NAC ,, it push all of them in one role.I cant not connect to OU of Active to seprate users :(any idea please?
when we try to connect to the web interface we get this in the logs Dropping TCP packet from dmz:smswitch.internal/80 to outside:cox.home/50206, reason: MSS exceeded, MSS 1260, data 1430
I'm trying to install an ASA 5505 on my Bellsouth pppoe DSL service and finally got everything working with the exception of name resolution. I can now ping 4.2.2.2 from an internal client, but I cannot surf the web or ping any servers on the Intern...
Hey guys.I have an ASA with an outside/inside/DMZ scenario. (TMP-WAN is the DMZ)I've got the global statements working on both the inside and outside interfaces. PAT on the outside works fine. PAT is also on the inside interface as there are a number...
Hi everyone,I would like to know how "fixup protocol sqlnet" works on PIX.I personally think "fixup protocol sqlnet" just scans/inspects embedded IP address and port number on SQL packet and not protect SQL injection because of PIX provides just pack...
A practical dillemma led me here:A customer has several remote sites wich each have a pc that connects to a virtual IP in the HQ lan, which in term is natted to a real HQ server IP on the asa. Now the need has risen to nat a specific group of remote ...
Hi, I want allow that VPN crossing the PIX 535 firewall. What the configurations steps in the PIX to do this ?. The VPN will be estabish between a Cisco 1811 and 7200. TKS
