Network Security

We have set up our PIX 501 to let remote clients (4.9.00.0440) VPN to the home office (and see the local LAN) and a site-to-site tunnel from the home office to our internet ded server. I need the remote clients to be able to access the remote site di...

when I turn on "debug icmp trace" on my PIX 501, I see a contiguous stream of the following:210: ICMP unreachable (code 3) kevin7 > 192.168.69.1211: ICMP unreachable (code 3) kevin7 > 192.168.69.1212: ICMP unreachable (code 3) kevin7 > 192.168.69.121...

Hi all,when to construct a rule base we need to log 106100 messages to see which connections are required, but no 106100 message appears. does anybody know the reason or what can i do to enable logging this message.thanks.

I have a web server which sits behind the inside interface on the pix. The Pix makes the translation from public ip to private ip and the web server serves up pages to the outside world just fine. Now anyone on the same inside interface gets a messa...

I got an additional IP Range from my ISP how can apply that to my PIX so I can use that range as well as my current range. I have a PIX 515 6.3.5 Thanks in advance

Hi,The Pix firewall 501 configured the static route to the internet, but the client who join the network use this gateway go to internet faced the intermittenly down, after a while it will automatically up.is it any solution for this.Confirm that Int...

Dear sir, I have Catalyst 6513 + 1 module IDSM-2. I configure IDSM to monitor traffic in DMZ,internal LAN,... Now, I want to configure:When IDSM discovers some intrusion action, Catalyst 6513 will perform action to block traffic by access-list or so...

We had performance and ACL problem with PIX515E after memory and OS upgrade (6.3.4 to 7.2.2).Does anybody know which 7.x release is most reliable?

I set up two IPS's in a CAT6509 and using Cisco's IPS Event Viewer got into them fine and had traffic and everything, but after about a week i cant connect to them with event viewer i cant get into them by double clicking, but i have the red X and th...

I'm configuring WebVPN on an ASA, and using the "ip local pool" command to define a range of addresses that the clients will be assigned once they VPN in. This IP range is /not/ from any directly connected networks and/or already in the existing rou...

Hello All,I have a pix 501 v 6.3(5), connected to my dsl router. When i connect my Netgear "Safenet" vpn client to my endpoint (Dlink 808HV) I can't ping anything on the other side. i have vpn passthru enables for IPSEC & L2TP. When I disconnect the ...

We have an application (client - database) that doesn't do well with the 1 hour connection idle timeout (TCP conn).The setting is global and much has been made about adjusting that timeout. Very hesitant to extend it (they will not be happy until th...

I need to see ethernet interface utilization, in real-time and as historic reports. Is it ok to use DFM for this goal?I am viewing this information from the alerts windows in DFM, but in the column of interface utilization, instead of showing the u...

Since setting up our new Cisco ASA I have noticed the following event in the ASDM logs very frequently:Deny UDP reverse path check from 10.0.x.x to 10.0.255.255 on interface outside 10.0.x.x is always an IP on the same subnet as the inside interface ...

Hi AllPlease what is the difference btween the 2.If I have a Cat6509 with an IDSM-2 and then an ASA for all our external connection with an IPS what will each be monitoring?Also can an IDS monitor external connection that will be plugged into the ASA...