Network Security

I am using a VPN server which needs to proxy-arp for private interface traffic to assigned client pools. This is necessitated by the clustered aspect of the VPN service.I'm concerned that this will load my FWSM's arp table. The host 6509 has amaximu...

I've been trying to work around a problem that has been driving me nuts for a long time. As far as I can tell IP INSPECT on 871's and 1811's (models I've tested) using a range of IOS versions from 12.3.8 to 12.4.11t can not handle sending traffic ov...

Can qos pre-classify be enable over an IPSec VPN running from a 3825 ISR router to a VPN concentrator? I know it will work over GRE and IPSec site-to-site VPN's where the termination point is a router but I'm not sure about the concentrator. Any th...

platform descriptionFWSM Firewall Version 3.1(4)0 <context>Device Manager Version 5.2(1)FI can not figure out how to delete a Global Object (ip address).I can add and modify...But in the two different Global Object interfaceswhen you are in the Secur...

we are using ASA5505 having two interfaces inside(Security level 100) outside (security level 50)We had statically natted I.P X.X.X.X (inside ) to Y.Y.Y.Y (Public I.P).We are able to ping this public I.P from Internet ,also nat is working succe...

Is Fixup protocol smtp 25 for inbound only? I've heard this can cause issues of all kinds. Should I disable it?

have been asked to convert an older checkpoint firewall, running on solaris to a cisco PIX. If you have hands-on experience performing this process, Can you share some of the gotcha or tipsthat I should be aware of, given the different architectures?...

helloip audit protected [ip address - ip address] according to cco it defines a protected address space for IDS, this is from cisco.An attack signature detects attacks attempted into the protected network, such as denial-of-service attempts or the ex...

I have enabled blocking on a router to fire when a certain sig fires. this has been working for a while, I can see the ACL on the router with the host being denied access,so I know that it has been working. The sig fired today and the host was added ...

I have a pix 501 and am needing to do some port forwarding. I have a DVR (being used for security cameras) it has an internal ip of 192.168.1.150. I need to have port forwarding setup for 3000 - 3007 and 8800. I used the following to do this:stati...

Hi,If i connect 2 ASA 5510 with cross cable & configure failover on the active one, whether failove rtake place??PLease advice.

I just installed an AIP-SSM module in our ASA 5520 firewall (protecting a school district). I successfully configured it to scan all traffic sent both directions with the following config:access-list IPS extended permit ip any any class-map ips-clas...