If a user uses the WebVPN or clientless ssl VPN. Is anything left behind on the computer that makes the connection, or is CSD the only option to completely wipe info from a computer that connects?
OK maybe i'm stupid, but I can't seem to get my debug to output to ssh. I have entered logging on, logging monitor and the appropriate debug commands but nothing has been sent to the ssh session. What the heck??
I'm cleaning up an old PIX network config, which was transferred to a new ASA 5520 w/IPS. My question is how to determine what acl's are currently being used? I have 3 that are named: INSIDE, inside, & inside_acl, along with several others which I've...
Hello,I have a frustrating problem with FTP across our ASA 5500 using OS 7.0.64.When an internal user connects in active mode to an external ftp server and starts to download a large file, two connections are opened: one to port 21 of the FTP server ...
When I try to load the PIX GUI admin it does not load without an internet connection being present. Is there anywhere I can download the PIX admin program (ver 3.0) so that I can configure a PIX that is on a purely private network without internet ac...
In our syslog we are getting a ton of the following messages: No route to 63.168.xxx.xxx from 70.209.211.170. Now 63.168.xxx.xxx is a static nat on our outside interface and the 70. address is some IP unaffiliated with us. Unles I'm reading the me...
As stated in my first post, I am attempting to reconfigure an inherited PIX 501 firewall and working backwards, in other words, changing the previous configuration and eliminating un-needed elements.FIXUP PROTOCOLWhat are these entries for?Some proto...
Hi, I am not able to auto update the Clean Access and get following message. Can anyone suggest what can be the problem. The IP of CAM is nated on PIX forewall with any-any access list but still update is not complete. I would like to inform that it ...
Hi all. Here's the scenario:PIX 515 v7.22 with 3 interfaces, Inside, Outside, DMZ. Inside=100, Outside=0, DMZ=98I need to put in a rule to allow a machine from the DMZ (let's say 192.168.100.25) to have access to one machine on the internal network ...
I have a customer with a PIX 525 currently doing allow all-exclude by exception and we need to change this!! Since they don't know who should or shouldn't be getting through, how do I capture source/destination traffic for all users to obtain this in...
Can I have to ports of the 5510 on the same inside subnet using two different IP's on that subnet? The two outside ports will be coming from two different locations, but need access to the same inside subnet. If this is possible another way please ...
Hi everyone,Is it possible to setup two crypto maps on the two interfaces on the same box?We want to migrate VPNs from ISP-A to B and setup the two ISP on separate interfaces. Question is can we configure two crypto maps on the same box and bind the...
I have a PIX 515e that I'm having problems connecting to. We recently changed our network IPs. I believe there are a couple of configuration changes that I need to make to connect via the ASDM or to telnet. So I'd like to connect via the console t...
Hi all,Can someone please tell if it is possible to do software IDS/IPS in the ASA55xx series or do I need to buy the AIP-SSM module to do so?Thanks,John
