Network Security

Hi.I want to use pbr on a firewall.I want to set up the following:I have a proxy in an dmz configured in the firewall.I want to rederect all http and https traffic through te firewall.So how is it possible to let all outgoing www traffic go pass the ...

HI,Guys:I am configuring Failover on two ASA5510,but some Failover commands take no effect when I entered them into ASA.For exmaple:I entered the following commands in the mode of ASA5510A(config)#:failoverfailover lan unit primaryfailover link FailO...

Hi, two days ago, the cisco pix's messages shows the follow:106016: Deny IP spoof from (127.0.0.1) to 10.82.239.198 on interface WAN106016: Deny IP spoof from (127.0.0.1) to 10.82.239.230 on interface WAN106016: Deny IP spoof from (127.0.0.1) to 10.8...

From the attached config I cannot explain why a system with IP address 10.7.1.35/28 for example would loose packets to a system with IP address 10.7.1.36/28 which are in the same subnet. This is just an example. More systems on 10.7.1.32/28 subnet lo...

Just hooked this up today and with Vibhor's help I have the DMZ working with nothing but a test server in it replying to ping. But I noticed that the firewall slowed down after about an hour when I was viewing the configs and whatnot and I did a sh ...

I need to NAT an outside IP to an inside IP, but I do not want to change the source IP address.Anyone have any luck with getting SIP to pass through the 5520 without changing the source IP?

We currently have a CSA MC on site, We have another site in the US that will be running another CSA MC, Is it possible to replicate or save the running policies on our current MC and to install then onto the CSA MC in the US ? Or is the only way to c...

Hi ALL,We have a PIX device where it are suffering some strange behavior. In the PIX device, we receive large amount of Deny IP spoof messages like this:%PIX-2-106016: Deny IP spoof from ("Internet IP Address") to 0.0.0.0 on interface DMZ1The "destin...

I have a pair of 515e devices configured in failover. The system has been working fine, however I tried to upgrade from 6.3(5) to 7.2(2) using Monitor mode, as I have PDM installed. The problem is that whenever I enter monitor mode and apply an IP ad...

I need to connect 24 users to the Internet over a T1 line. What would pix equipment would you recommend? Is there a pix model that comes with csu/dsu for a T1 line?Thanks for any suggestions

Is there a host limit on IDS/IPS?Thanks.

I am new to PIX and I would like to set up a connection so I can connect to PIX over the internet. I have the client software. What is a basic configuration can I use on the pix to make this work.

Hi,Is it possible to allow DHCP packets across the PIX, I have configured DHCPrelay ok for clients directly connected to the PIX. In this case the clients are connected to a router which then connects to the PIX inside interface.I have configured the...