I'm sure this is standard stuff, but I cant figure it out. I want to allow MS VPN connections initiated from inside to get out a PIX 501. Any help?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(84) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,510) -
Cisco Bugs
(31) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(139) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Management Center (FMC)
(3) -
Cisco Secure Firewall Threat Defense (FTD)
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(42) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(258) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(25) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,567) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(319) -
MPLS
(1) -
Multicloud Defense
(2) -
Network Management
(90) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,553) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,769) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(624) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(41) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
On an ASA 5500 I have setup basic extended access-lists (eg access-list inside_access_out)My connections work, however I am seeing alot of Denies such as:Deny tcp src 192.168.1.1/80 to 192.168.2.1:65535 which is the reply to a connection started on t...
Resolved! How to check for PFC3 failure?
I've been wrestling with setting up an ACL on a Sup720 card. It fails every time port number enter the equation. I've tried any number of variations on the ACL commands, all of which look like a textbook example of ACLs from the command reference doc...
My ISP has given me two different ip ranges, a /30 and a /29. The /30 is to connect to them, and the /29 are all mine to use.Normally, I'd set up a router to translate between the /30 and the /29. give the router the first address, the fw the second ...
Hi,After upgrading my asa devices (2*5510) I started to getting odd messages which relate to lan-to-lan connection between these:Dec 4 03:18:15 stasa1 %ASA-3-713227: IP = A.B.C.D, Rejecting new IPSec SA negotiation for peer D.C.B.A. A negotiation was...
I have 5 (soon to be 8) PowerEdge servers that I want to firewall and have only certain ports (HTML, RDC, FTP) open. Each server has its own IP on the web. Wire comes in, goes to a 3COM switch, then to individual Linksys routers, then to the Servers....
Why does the Firewall Services Module source the mac-address of the inside interface and not the mac-address of the outside interface when passing traffic outbound out of the outside interface to the outside world?
Hi to all,I have a problem with a virtual workstation XP SP1 (VMware) with VPN connectivity: when i accessed as standalone user i don't have any problem, but when i put it into domain and login with a user domain account, the login process crash (onl...
I've received a new asa5520 with aip-ssm (ssm-20). I have upgraded the ASA image to 7.2(3) successfully. I am trying to upgrade the SSM module from 5.1(6)E1 to 6.0(3)E1. I have the following connectionsSensor IP: 10.0.0.3ASA G0/0: 10.0.0.2Gateway:...
I had the 5505 installed about a month ago and it was working great, showing events. But as of today it shows nothing. I go to the Real-Time log viewer in the ASDM, choose Informational (or any other option) and it brings up the real-time window bu...
Have an ASA running v8, trying to figure out how to block inbound Cisco VPN client traffic to the external interface and only allow 1 block of public IP's to initate the connection. I have created access lists blocking all inbound traffic on the exte...
I'm a beginner with IPS, but I'm confused with the terms packet and content filter, when I'm looking in some documents on the web they are talking about packet filtering; statefull packet filtering etc ..., I see also the term content filtering, what...
I have setup CSA for several users. One of the log messages we receive on many hosts is the UPNP port 1900 blocked messages. I would like to leave the rule itself alone so we can use it in other groups, so I created an exception. I set it up as a...
I am changing from VPN3000 to Cisco ASA but when i try to move the pre-shared keys for VPN-groups from Cisco VPN 3000 it contains the character ¤ which seems to be unsupported in Cisco ASA but supported in VPN3000, does anyone know? The ¤ is typed ...
In the last few weeks, we are seeing consistent high CPU on one of the IDS devices-- staying at 100% for hours. My question: what affect does this have on analysis? Will events begin to be dropped?
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 07-16-2025 04:21 AM | ||
| 07-06-2025 01:40 PM | ||
| 07-04-2025 01:59 AM | ||
| 06-19-2025 07:32 AM | ||
| 06-17-2025 01:07 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 2 | |
| 1 |
