Network Security

VLAN Tags Through a PIX?

Is it possible to pass vlan tags through either a PIX 535 or a CISCO 6503?Scenario:I have several switches in line with each other, all layer 2, connected to one router. Router ----> Switch ----> SwitchI'm running a handful of different vlans from th...

Help with 501 !

Okay so I've looked over the config many times and I can't figure out what the problem is. I have 2 servers running behind the PIX (s1 - out 78.xxx.xxx.15 in 10.xxx.xxx.83 s2 - out 78.xxx.xxx.14 in 10.xxx.xxx.85). From server 1 I can VPN/RDP in, b...

Using Static with port range

I have situation in which i need use port range with Static.is it possible???

Firewalling: Management port M0/0 on ASA 5520 - Interesting issue

Hi, I have a big network comprising of 10.0.0.0 my inside interface ip is 10.100.1.1 /24 my management interface ip is 10.150.1.1 /24 The default inside route in my ASA is route INSIDE 10.0.0.0 255.0.0.0 10.100.1.1 From my user network - 10.200.1.X, ...

Static between interfaces PIX

Good day. It is necessary to make translation of the address between 2 interfaces: dmz2 security-level 10 dmz1 security-level 40 In dmz2 62.33.x.77 address It is necessary that in a network dmz1 it was accessible to the address of 62.165.y.77 the Com...

ASA 5510 VPN session disconnections

HiWe have set up an IPsec site to site VPN tunnel with ASA5510 and Checkpoint on the remote side. ASA5510 is running version 7.2.1. The VPN tunnel comes up but when users use windows Remote desktop to access the remote servers the user sessions get d...

Resolved! MARS License: Print is too small!

Does anyone else find the size of the type used on the Mars license too small? I'm referring to the license tag on the front panel of the MARS box.I'm using a magnifying glass on it and can't tell the difference between S and 5, G and 6, O and 0, Z a...

Issue with IPS alerts involving Secure Content Accelerator

We have deployed CSS-SCA Secure Content Accelerator to terminate the SSL connectiion from the clients and the traffic between CSS-SCA and servers is HTTP on port/80. Our IPS sensors (deployed in detection mode) see this HTTP traffic and triggers ala...

problem with asa5520 exchange access Active Directory

hi,inside have a AD Server.dmz have a exchange mail Server.problem:1.exchange service not start.2.asa access-list allow all ip.access-list temp permit ip any anyaccess-group temp in interface dmzaccess-group temp in interface insideaccess-group temp ...

PIX 501 PPTP Help?

I'm just trying to allow pptp (1723) from an outside network to access the servers behind the pix that I have installed. I know it is a simple access-list... any help?Thanks!

ASA SSL VPN CLIENT without browser

I know the new AnyConnect VPN client allows you to establish SSL VPN sessions to ASA 8 without opening a browserCan I get such functionality with ASA 7? I downloaded the SSL VPN client from software center (sslclient-win-1.1.3.173.zip) but this only ...

Resolved! ACL question

I have an acl to get all users out to the internet- access-list Internet_access_out tcp_group_internet_accessaccess-list Internet_access_out extended permit tcp any any object-group internet_test access-list Internet_access_out extended permit tcp an...

Split tunnel for for a spcific group?

We have a PIX 515E that controls our VPN access.I have been requested to allow internet access for those who connect to the VPN.This can be done with split tunneling. My question is:We have two inside interfaces. One is no problem if they split tun...

Resolved! PIX 506E's/6.3.5 loses RSA key after reload

Hi,I've noticed this behavior on several PIX506's running 6.3.5. I have them configured to allow SSH access from outside. They all work fine until a reload. After the reload, to get the SSH working again, I need to re-issue "ca generate rsa key 10...

SIP Inspection

HI,I have ASA 5510 withc csc module, i need to enable sip trafic (Udp 5060), the sip inspected by default, i opened the sip port from public to the Gatway ( private ip) in both direction but i cann't connect.Note taht i use Static NAt for Gatway here...

Network Security

Forum Posts

VLAN Tags Through a PIX?

Help with 501 !

Using Static with port range

Firewalling: Management port M0/0 on ASA 5520 - Interesting issue

Static between interfaces PIX

ASA 5510 VPN session disconnections

Resolved! MARS License: Print is too small!

Issue with IPS alerts involving Secure Content Accelerator

problem with asa5520 exchange access Active Directory

PIX 501 PPTP Help?

ASA SSL VPN CLIENT without browser

Resolved! ACL question

Split tunnel for for a spcific group?

Resolved! PIX 506E's/6.3.5 loses RSA key after reload

SIP Inspection

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

FMC host profile for Cisco UC servers

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application