Network Security

Firewall Migration Tool v7.0.0.1 now live!

Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...

Resolved! Pix ddenly reboots

Our company has two Cisco PIX 525 Firewalls, one running as "active" andthe otherone running as "failover". The IOS in both of them is 6.1.1.From time to time one the Firewalls suddenly reboots (as shown fromthe syslog pasted in this message

Resolved! ASA: Format Command

I have a corrupt file system on disk0: since I did an erase command (I had to reload the .bin file to get back into the cisco# prompt) but now that it is loaded I cant access disk0: it says its Invalid.... I tried a fsck command to repair the file sy...

Pix 515e reboots by itself at least once per day

We have a Pix 515e unlimited firewall. we installed 128MB of RAM in the firewall and upgraded the firewall from software version 6.3 to version 7.2.1. Installed the ASDM on the Pix. Upgrade went as planned. No problems on boot. Since then the fire...

After Upgrading PIX 515 Cannot access with Remote Desktop

I recently upgraded my PIX 515 from 6.35 to 7.12. Before the upgrade I was able to remote desktop into my servers from home. After the upgrade when I try to connect it appears to be trying to connect. However, I get a message stating the network is b...

SMTP IPS block problem

I setup ID 3110 (suspicious mail attachment)to deny attacker inline thinking that nobody needs to send those type of attachments and it would cut down on virus's. Worked fine until today when someone internal tried to send one and the IPS blocked my ...

Upload startup-config to PIX tftp

I'm trying in vain to upload access-list changes I've made to a startup-config file for a PIX 515 (version 6.3(4).I can't use the copy command at all. When I add a tftp-server line and try "write net startup-config" doesn't work. I go into "config te...

Unable to aquire ip from PIX 515e

HiJust bought 2 PIX 515E(PIX-515E-UR-BUN) and are about to setup the box. This came out harder then expected :/After connecting my computer to the box, I am unable to aquire ip address, and the manual said there is a built in dhcp server at 192.168.1...

Passing SOAP application through PIX

Recently we noticed that the HTTP POST request containing SOAP application is not passed through the PIX (7.1(2)) with default inspection rule.The message is:--------------------------------------------Hypertext Transfer Protocol POST /rcu/rc.asmx...

How does the PIX track MAC addresses?

Here's a question about the mechanics of how the PIX handles ARP (I think!)Assume, just for example, I had a 'standard' PIX installation. 2 interfaces, inside and outside, on standard security levels. I've a number of external IP addresses I can use ...

F5 and PIX for webserver

I had a question regarding securing our webservers that use IIS. We have 2 options in play. Which one is a better solution to secure IIS from the IIS vulnerabilities and etc...? I know both have advantages and disadvantages.Here's the setup, a Cis...

Resolved! ASA RateLimit ACL ?

Hi,i have an asa5501.I need to perform this:limit traffic on an interface (C class subnet) in some hours.Actualy i perform this by a 2611 router, with command rate-limit ..ACL ...., but i can't perform with schedule, i have only 'fixed' limit.Any ide...

IDS signature tuning... interval questions.

Just starting out trying to tune some signatures to fit our environment, and looking for clarification on some parameters of IDS signatures.For example: 2152 - ICMP floodIt uses the "Flood Host" engine with the action parameters:Limit type: percent...

Resolved! ASA Registration Key Load Command

Hello,I just got a new registration key from Cisco by using my Serial Number (we had some problems with the memory getting erased) I was just wondering if anyone knew the exact command to load the new key onto my ASA 5520??Thanks,Chris

Resolved! How to monitor Internet usage (web) with PIX installed

Hello all,I am hoping you could recommend an appropriate solution for the following situation:I have a customer who would like be able to occasionally monitor how his staff uses the Internet - basically which sites they are visiting and how much time...

IDSM2 (5.0) Implementation

Hi everyone, I have the following case:2 x Cat6509 (HSRP master and slave)2 x IDSM blades (v5.0 - 229)each Cat has his own IDSM blade install online (not inline), with 2 monitoring sessions on each Cat.There is any way to monitor traffic over 600 Mbp...

Network Security

Forum Posts

Firewall Migration Tool v7.0.0.1 now live!

Resolved! Pix ddenly reboots

Resolved! ASA: Format Command

Pix 515e reboots by itself at least once per day

After Upgrading PIX 515 Cannot access with Remote Desktop

SMTP IPS block problem

Upload startup-config to PIX tftp

Unable to aquire ip from PIX 515e

Passing SOAP application through PIX

How does the PIX track MAC addresses?

F5 and PIX for webserver

Resolved! ASA RateLimit ACL ?

IDS signature tuning... interval questions.

Resolved! ASA Registration Key Load Command

Resolved! How to monitor Internet usage (web) with PIX installed

IDSM2 (5.0) Implementation

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

Ansible with FTD_FMC 7.6

Cisco FTD workaround for SSE connector failure stumbled on rights priv

Assigning an EtherChannel Subinterface to an Instance via FMC API

FirePower onboarding to FMC first policy deployment failure

Questions around Dynamic Attributes Connector - FMC integrated

FTD not backing up config to remote server

Factory-reset FTD 1120 "application installation failed. Launching.."

IPSec VPN between C.2811 and Firepower with only Real IP addresses