Network Security

Curious: can a WAN ACL block outgoing http, or must a LAN ACL be used?

This works:access-list 151 remark Block insecure connections to myaccount.simplicato.com's current (as of ACL edit time) IP.access-list 151 deny tcp any host myaccount.simplicato.com eq www logwhere ACL 151 is applied to the LAN interface: ip access-...

Failover IPS upgrade not working. Pulling out my hair!

We just recently put in a failover ASA 5520/IPS SSM-20. I'm trying to upgrade it to the same version as the primary, 5.1(5)-E1, however, when I attempt to go from 5.0(2), it doesn't let me. So I tried to go from 5.0(2) to 5.1(3), but get this when I ...

map public ips in ASA5520 ?

hello!I have 6 public ips and six ip cameras in my company.i want to map these ips in my cisco ASA-5520 against the private ips used in my company.What is the command and procedure for this?Thanx in advance.Athar

Management of Contexts in the FWSM

Hi,I am checking for a customer, is it possible to deploy multiple contexts through a FWSM on a 6500, and only allow certain users access to certain contexts through ASDM?

Failover with PIX 515E 64 MB RAM to PIX515E 128 MB RAM

Is it possible that you can failover with the following scenario ?PIX 515E with 64 MB RAM,VAC is our primary production PIX.We bought a new failover firewall with 128MB RAM,VAC+ card.We just dont want to disturb the hardware configuration of the prod...

ASA redirection using (same-security-traffic permit intra)

I've deployed the ASA fw for different purpose. One is for Internet access and the other for site-to-site VPN connection. All the internal user's default gw is pointing to the Internet one, and this one contain the specific static route back to the V...

Is there a failsafe function when deploying rulebase with asdm to a pix?

I was wondering if there is any form of failsafe when deplying a rulebase to a pix with the asdm. Based on the logs it seems that it simply writes the complete generated config to the pix running config. and ends with a write mem. For me who hava ab...

pix 515E can not use the Fe0 and Fe1

Dear sirs, i have cisco pix 515E with three interfaces Fastethernet0, Fastethernet1 which is built-in in the pix and Fastethernet2 which is module. i upgrade it to ver. 7.0 when i connect the firewall the fe0 and Fe1 is bring up and the light is ok b...

IPVC-MCU 3545 - conference control

We have one IPVC 3545 with one MCU and one EMP module inserted on it.It is registered with one cisco IOS gatekeeper.Some Tandberg MXP770's is also registered with this gatekeeper. But when i am trying to create a video conference from the conferenc...

IM INSPECTION on ASA

Hi All,I am trying to block yahoo/msn chatting on ASA. there is a provision to block both these chatting software through ASA. Can any one help me how to do that. I know via class-map & policy-map we can do it even i hav configured it. may be m doing...

ASA with MPF to control ftp speed

I got an ASA5505 to manage a small office and I'm having problems with the ftp/VPN/remote desktopUsers from the the SOHO vpn to the Central Office to do basic taks and some times the Central Office people do remote desktop to the SOHO.The problem tha...

Firewall, DMZ Design and Config

Hi all,I am looking for information regarding design and configuration of firewall on a Cisco 2801 router.Setup:Cisco 2801 with 2 eth. ports and 5 VLANS configured. The 2 ports connected to Cisco 2950 switches.Native vlan - 1 (some PCs and servers on...

Resolved! VPN Connection IPsec: no ping response from remote site

hy guysi have the fowling problem:i can establish an ipsec connection (network to network) with the remote site. and i can access to the resources of the remote network. but not vice versa. from the remote network i can not access to any of my server...

Filtering Peer to Peer traffic with ASA (7.2) and CSC mod

I have an ASA with the Trend Micro CSC module, I would like to filter peer to peer file sharing traffic through the firewall but it seems less than straight forward with the csc as it wants to do http ,ftp,pop3 and smtp only. Has anyone done this w...

Resolved! Cannot SSH into PIX

I would like to be able to use an SSH client to connect to my PIX firewall over the Internet. I can do this to my 506 PIX but not on my 515, with debug SSH on I keep seeing "invalid userid michael" even though I have put the command "user michael pa...

Network Security

Forum Posts

Curious: can a WAN ACL block outgoing http, or must a LAN ACL be used?

Failover IPS upgrade not working. Pulling out my hair!

map public ips in ASA5520 ?

Management of Contexts in the FWSM

Failover with PIX 515E 64 MB RAM to PIX515E 128 MB RAM

ASA redirection using (same-security-traffic permit intra)

Is there a failsafe function when deploying rulebase with asdm to a pix?

pix 515E can not use the Fe0 and Fe1

IPVC-MCU 3545 - conference control

IM INSPECTION on ASA

ASA with MPF to control ftp speed

Firewall, DMZ Design and Config

Resolved! VPN Connection IPsec: no ping response from remote site

Filtering Peer to Peer traffic with ASA (7.2) and CSC mod

Resolved! Cannot SSH into PIX

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Firepower 1000 setup

Verify SSH1/SSH2 Version on SG350?

Configuring OKTA SAML on FTD 7.2.5

Palo Alto to Cisco Migration Tool count_summary error

Dynamic Split Tunnelling - Android Devices

FMCv in Azure Hosting Multiple HA Clusters and License

please help me configure TFTP access-list on ASA for device management

Firepower 3105 - System boot up has failed

Cisco FTD and Cisco FMC images in CML

Architecture for ISA-3000 Firewall