Network Security

Does anyone have any links or suggested reading for PIX troubleshooting techniques, methods, whatever?I'm thinking of the scenarios where X phones up and says I can't Y anymore, it must be the firewall.This would be for the CLI as a by the by, but po...

Hi everyone, I am hoping someone can point me in the right direction here. I have just plugged in a Pix 535 (with an allow ip any any access list on all interfaces) into the core of our network. I have also configured it to not do any NAT's and pu...

We have configured the PIX firewall to act as a default gateway.......ICMP is working fine with access-list 102 ip any any internet is working fine but when we give access-list 102 permit TCP any any eq www and remove ip any any internet is not work...

hi,Currently we are using pix version 6.3(5) 506 model for our email server.Policy rule pretty simple, object-group service Email-ports tcp port-object eq 995 port-object eq 456 port-object eq smtp port-object eq 8188 port-object eq pop3acce...

Hello,I currently have 2 ASA 5520s in an Active/Standby configuration. I have set up 2 VLANs on the ASA corresponding to port g0/0. Config:Int g0/0.1vlan 10nameif Outside66ip address 66.38.xxx.xx 255.255.255.224Int g0/0.2vlan 20nameif Outside64ip add...

Hi I am getting all the cisco devices discovered in DCR but missing one of the 6513 in the data collection which is already there in DCR.It is also missing in the topology diagram.However this 6513 is reflected in all other modules like DFM , RME and...

I'm curious to see if anyone can help with my situation. I currently do not NAT on my inside interface:NAT 0 0.0.0.0 0.0.0.0I need to start doing policy NAT for some internal hosts going from inside private IPs to certain sites off of one of my DMZ ...

Will there be a signature 5799 for 4.1 sensors?

i have a box that sits in my DMZ that i can't get dns resolution from an internal dns server on our internal network, ip 192.168.1.8i am having trouble get the requests through the fire, any help would be appreciatedbelow is my configinterface Gigabi...

Hi I am preparing for IPs and got confused with the below question. Please advise. Q : A new sensor is generating a great deal of false positive alerts on the web servers. Which two action will help to reduce the amount of the false positives. (choos...

Integrated Security Router 871-Sec K9 needs SDF [Signature Definition File] updates.Where could be found?Thank you.

In 6.X standby IP addressing was not mandatory for the interface configurations. Has this been changed in 7.X? My coworkers encountered problems configuring failover on a public network where we only had a slash 30 address space. Is there any way...

The signature for syn flood DOS (6009) has two values that I can see will alter the signature threshold.event-counter ----------------------------------------------- event-count: 2600 default: 200 event-count-key: AxBx <defaulted...

I have a weird situation that I could use some help with.I have a customer that is using an RFC 1918 range internally. One the remote end of an IPSEC VPN a vendor is using in part some of the same block. I need to be able to NAT two system to new add...

Is there a way to move a 3des license file from one pix to another? We just installed updated pix at one of our locations, but it did not have the ability to use 3des. I am wondering sense we purchased this 3des license for the older pix if I can som...