Network Security

Howdy Gurus,I've an ASA with the latest 7.x software and some tricky problems. VPN clients can access all internal networks fine, but intermittently, a client will have an issue connecting to a SAP server using the SAP client. All other type of conne...

I recently had to make some changes on a pix firewall that seperates two seperate internal subnets and now I cannot ping from the inside to the outside subnet. I openned up PPTP and cleaned up some other things that I didn't think were needed and may...

Hi Everyone, I need to inform the operator the procedure he needs to make to power off the ISDM-2 Module. I want to avoid give him access to an administrator account, but I can?t see another way. Any tip to automatizate this procedure and not requer ...

Hi,I have Cisco PIX firewall 535, ver 7.0. Cluster with two nodes, one virtual ip, but different physical mac-addresses is using PIX as a default gateway. When the cluster swithes from one node to another, probably due to the change of the mac-addres...

Does anyone know if there are plans to use the USB ports on the ASA5500 Series as the failover interface medium?To my mind (apart from the IP bit) it would be similar to a cable-based ACTIVE/STANDBY failover scenario.I have extreme difficulty in burn...

Has anyone experienced this problem?If I'm sitting behind an ASA 5510 and surf the net at a few of the websites i get a timeout/webpage not found error! i have setup a pix501 on the same public segment as the ASA and when access the same pages from b...

We've noticed a significant difference in how fast packets make it through our network (Website load times mainly) since we upgraded to 3.1.4 on our FWSM.Anyone else experience that?

Hi, i have already setup URL filtering on my cisco IOS router, now i wanted to block a specific port using the url filtering method instead of using ACL, how do i do that?my requirement is to block "talk.google.com:443" if i deny access to port 443 i...

Hi all I cant access From PDM my pix515 device.When I put ca enroll with all requested options , is going to tell -% No CA root cert exists. Use "ca authenticate"but that step i done successfullycan you help me ? what is optional fingerprint ? is it ...

Hi all,I would like to use 2 ASA and set up an active/active failover configuration (with 2 differents ISP).I found that documentation:http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008045247e.htmlAnd I wonder if...

Hi, We are running 802.1x with a customer, using Cat2950's, ACS 4.01 and the meetinghouse Aegis supplicant. On top of all this we authenticate against Microsoft AD and do dynamic VLAN assignment.This all works fine.Last friday we implemented L2 NAC (...

We have PIX 515 with 7.0(2) and having intermittent problem. Four VPN tunnels are configured and also internet traffic pass thro this PIX. Currently the PIX is very slow and if I ping the inside interface the ping resonse is varying between 50 to 100...

I have an IPS4215 installed behind a 515E firewall. When clients use the Cisco VPN Client to connect to the firewall (and access a sensitive server behind it) I get multiple hits on Sig 1300/0 TCP Segment Overwrite. Summarization keeps the number of ...