Network Security

Problems with PDM PIX ( 506 6.3.(5) )

Whenever we try to make changes from the PDM it doe snot save changes and simply says that it has taken more than 60 seconds and pelase try again. The connection never drops to the firewall not sure what is wrong here.Can somone pelase guide us with ...

Pix 515E Pass through speed issue

We have a Pix 515E that was installed last November and in just the last 5-7 weeks we have been noting a massive speed decrease on through put. After much trouble shooting it turns out to be the Pix causing the problems.Example if issue: network loo...

Outlook 2003 Client to Exchange through Pix 7.1

Hi,We have an Outlook 2003 clients that connect to an exchange server through the PIX but are experiencing 40 to 50 sec delay in being prompted for authentication. Firewall rules allow the client out for any connection to exchange. Clients function f...

Using 3030 to protect wireless

I am running wireless off of the External Interface of our 3030. The External filter is permiting DHCP in/out to allow wireless clients to get an address. Clients are required to authenticate via VPN and when connected, no split tunneling is allowe...

Troubleshooting "AnalysisEngine is currently busy"

Greetings all. I have a 4215 appliance running 5.0(5)S203.0. I'm attempting to apply IPS-K9-min-5.1-1a.pkg via the 'upgrade' CLI command but keep receiving the "AnalysisEngine is currently busy and unable to process this update. Please wait several ...

Error connecting through IPS Device Manager

Hi,I keep getting this error when I try to access the IPS 4255 thro' the IDM.“Error Connecting to sensor. Failed to load Sensor- errSystemError-ct-sensorApp332 not responding, please check the system processes- the connect to the specified lo:: Clien...

Cache pollution on DNS servers

looking for the sigID that would fire on this. We are running 4.1(5)S216.

DOUBLE PIX with nat: pix v. 6.3(4) + v. 7.1(2)

I have a problem with 2 pix connected as follow:CLIENT INSIDE ---> PIX 6 (NAT) ---> PIX 7 (NAT) ---> INTERNET SMTP SERVER OUTSIDE.if the client try to connect to ANY the ESMTP Server on internet (telnet to port TCP 25) the connection hang up: on the ...

NTP configurations for IDS

Hi all,I'm trying to configure all IDS systems to use NTP service, but the software (IDM as well as VMS) asks for NTP server IP, Key and Key ID. All these fields seem to be mandatory. My NTP server is not configured for authentication. What can I do?...

NAC Catalyst 2950 NAC L2 8021X

HiI have the following setup:Cisco ACS 4 for WindowsCatalyst 2950 EMI with the latest imageCisco Trust Agent client 2.0 with the supplicant for 802.1x authenticationI only want to configure posture validation. The client should not be prompted for cr...

Copy existing configuration to PIX 501

How do I install an existing configuration to a PIX 501 firewall?regradsPascal

Detect string in the payload

Hi,I want to configure my sensor such that it sends a reset packet if it detect string "ool" in the payload. Also, the sensor should send the original packet from the attacker included in the alert. I created a custome signature with STRING.TCP, but ...

how to add a alert filter in ipsmc for version 5 signatures

I am trying to understand how event or alert filters work in version 5.x. If I use VMS ipsmc to manage the sensors, how do you add a sensor filter for a particular event that we do not want to see appear in the SecMon console any more. It looks like ...

adding a 5.1(1)s221 sensor to vms 2.3

What is the correct way to bring the vms server back in sync with the sensor signature version? E.g. if the sensor is already at version 5.1(1)S221.0 because upgrades to the sensor were applied via the CLI and you would now like to add the sensor to ...

SIG5478 Microsoft Exchange SMTP Overflow

Regarding above signature, I already checking on my exchange server (2003 with SP2) and confirmed we are patching with MS05-021 (KB894549) but there is still huge alarm fire between my exchange servers on this signature daily.Any1 experienced this be...

Network Security

Forum Posts

Problems with PDM PIX ( 506 6.3.(5) )

Pix 515E Pass through speed issue

Outlook 2003 Client to Exchange through Pix 7.1

Using 3030 to protect wireless

Troubleshooting "AnalysisEngine is currently busy"

Error connecting through IPS Device Manager

Cache pollution on DNS servers

DOUBLE PIX with nat: pix v. 6.3(4) + v. 7.1(2)

NTP configurations for IDS

NAC Catalyst 2950 NAC L2 8021X

Copy existing configuration to PIX 501

Detect string in the payload

how to add a alert filter in ipsmc for version 5 signatures

adding a 5.1(1)s221 sensor to vms 2.3

SIG5478 Microsoft Exchange SMTP Overflow

Meet and congratulate the February 2023 Spotlight Awardees!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Old NAT ASA Config Question

Set up FMC on Azure

How to set it up eNcore outputters to connect with the Elasticsearch

High CPU load at the FMC (7.0.4) caused by python3 processes

Connect with anyconnect to ftd internal interface eg. guest-wlan

Can't login to FTD GUI

ASA5525 HA pair: ASDM only accessible to secondary (not primary)?

LOCAL Server Group Account Lockout

Disable SSH v1 and telnet on FTD via CLI or FMC?

Changing session timeouts, logging/syslog, etc. on FMC?