Network Security

My company accesses WAN web applications (webmail) over a DMVPN tunnel. A problem with this is that normal Internet traffic can consume the entire circuit and then the corporate webmail becomes really slow. I decided to make a QoS policy to protect t...

Is there anything special that needs to be done to have Active Directory and .NET applications talk across the DMZ/LAN segments on an ASA5520? I have static (inside,dmz) 192.168.0.0 192.168.0.0 netmask 255.255.254.0 and access-list inside_to_dmz perm...

The IPSEC VPN client is supposed to work at the kernel layer while the SSL VPN CLIENT (SVC) is supposed to work at the application layer.Goal: SSL VPN into my ASA 5505 & establish a tunnelall policy to tunnel all traffic through my ASA5505 including ...

Has anyone else tried installing the latest patch with multiple virtual sensors with multiple sig configurations, event action rule configurations? I have been fighting this for a couple of days now. What I have found is that any sig/rule configurati...

Hi,Setup description:- 2 x ASA5510 version 7.2(2) connected with a crossover cable via failover interface.- Lan based failover- Stateful interface is the same as failover interface (Ethernet0/2).Config of Primary:interface Ethernet0/2! nameif failove...

Hi,I would configure Multiple Websense server for redundancy.What are the changes reqired into Cisco ASA firewall?What are the changes required in Websense Server?I would make one Active and another Backup.If i do down one another one should take ove...

I know that there are password recovery proceedures using the interface, address, server, file, gateway, and tftp commands. But what I was wanting to know if there is any other way to break the password JUST using a console connection like you would ...

We wanted to terminate a dot1q tagged VLAN at the outside interface of a PIX 501 firewall. But encapsulation dot1q command is not available under interface configuration mode of outside interface.(This method is available for all routers & we tried t...

I have a PIX 6.3 configured with an access-list inbound on the inside interface.I am allowing traffic from a particular host to a DMZ machine on port 80.I can see the keepalive on port 80 hitting the access-list but not where I would expect it.I have...

I have a client that no documentation of the PIX they have and the have 4 Tunnels setup. They are moving and are getting new IP's. I remember to view the isakmp keys was to do a wr net to a tftp server and it shows the passwords. I have done this but...

I have a ASA5520 that is the default route out of a network.I need it to redirect all outbound smtp traffic to another gateway off the network.I need the eqivalent of the following..access-list 103 permit tcp any any eq smtproute-map EMAIL permit 1ma...

Hello,I have a server with external and internal IP address. I want to restrict the access to this server. I have 5 IP addresses that should have access to this server. Is there a way I can restrict the access from IPS or this can only be done with a...

Hi Netpros,when searching through the event log in CSA MC 5.2 we get the message that sql full text search is not installed.Did not find any info on how to do this other than under "maintenance - database maintenance - full-text search":---SQL Server...

Can i use the same name/IP address for LAN and statefull link ?Below is the config, PIX accepts this config, just wanted to confirm if it'll wrk fine this way.failover lan interface LAN-AND-STATE Ethernet2failover link LAN-AND-STATE Ethernet2failover...