Network Security

Resolved! Limiting outbound traffic to Cisco VPN clients/Users

I want to limit/filter/drop traffics that will be initiated from the inside of my network(behind the firewall) heading to Cisco VPN tunnel network/users, so basically I want always the Cisco vpn users to have access to behind(Inside interface) the fi...

Resolved! PIX-to-ASA Migration Tool

Hello,For our customer we have to migrate from PIX-515 v6.3 to ASA v8.2I know that there's a tool that can help into the conversion of the configuration: the "PIX-to-ASA Migration Tool".I tried to find this tool in the Cisco web site but it seems tha...

Resolved! L2L IPSEC DNS and DNS Gaurd?

Hello Folks, When I establish a L2L tunnel over IPSEC, how can I have access to the other network dns? is it automatic?and how should the other end define the dns gaurd? so I can't flood their udb port(DOS)? Thx

Cisco virtual ASA Ram overloading

Hi All, I have a virtual cisco ASAv10, and I have a problem with reloading of it, because of RAM is overloading 2GB, on ASAv10, there is license only for 2GB.On vASA is configured only one IPsec VPNs and few SSL VPNs.Do you have any idea, how to fin...

Cisco ASAv NAT with Public IP

Hi, Trying to figure out, how do we set Public IP NAT on Cisco ASAv, as the Public IP visibility is outside ASAv. We are migrating existing on premise hosting env customer to AWS and using AWS-ASAv for retaining the existing NAT connections. Kindly a...

Problems with firepower

lease note to start I don't know firepower at all but I'm trying to muddle thru. I have an internal firewall separating customers from my network. My device management center, therefore is outside the firewall. I have multiple customers all on sub-i...

DCE2_EVENT__SMB_REQS_SAME_MID

I'm having a bit of trouble to understanding why this event is occurring I hope someone can point me in a direction where I can get a better understanding of these.

Cisco ASA 5525 Licensing

I am replacing two cisco asa 5515's with two asa 5525s. The 2 X 5515s are licensed as below, and would like the 5525s to be identical. Can somebody please point me in the right direction in what i need to order for each. Will security plus be suffici...

Resolved! Do Cisco 2100 firewalls support IPS functionality?

I'm looking into Cisco 2100 firewalls and I need it to have a TAMC license but I'm unable to find this kind of license that would enable IPS functionality. I'm only able to select TMC license which does not include IPS funtionality. The documentation...

Firepower FTD Kerberos Captive Portal

We have 2 pairs of HA 2110 Security Appliances managed from an FMC all running 6.4.0.2 currently trying to get kerberos working All seems correct and in place joined AD, LDAPS, ACL Rule, SSL rewrite policy, Identity Policy configured with a cert usin...

Can"t ping sub interface

Hi Gents, This is an easy one, but i can"t seem to figure it out. I have a pair of 5515X in failover with three interfaces(inside, outside, DMZ) and a sub-interface(uses the DMZ as main). So i use the DMZ interface to create a sub-interface, i had no...

FTDv High Availability in AWS

There is requirement to deploy FTDv/NGFWv in AWS for securing Outbound and Inbound (NAT) connections to Internet. Can FTDv/NGFWv be deployed in Active/Passive mode ? the Appliance only come with 2 Mgmt interfaces and 2 Data Interfaces.How can we depl...

ACL on ROUTER for Active Directory

I have a router with two segments. Outside segment is the client and inside is the domain controller. I need to define ACL on Outside interface to allow communication for active directory. Router will use packet filter ACL (no state full inspection...

DMZ server access problem

We are configured Cisco ASA firewall with three network , One Router and a Switch.One Anti-Virus server are used for antivirus server updated, IP 124.124.124.2 which is connected to Campus Router *Campus Router Cisco 1841 Interface Gig0/1 = 124.124.1...

ASA 5555-X high CPU usage

Hi! We have an ASA 5555-X as firewall and our uplink channel is ~350-400 Mbps. And there is very strange thing happen: as more traffic pass through uplink interface as datapath proccesses get big values.For example right now we have ~200 MBps on upli...

Network Security

Forum Posts

Resolved! Limiting outbound traffic to Cisco VPN clients/Users

Resolved! PIX-to-ASA Migration Tool

Resolved! L2L IPSEC DNS and DNS Gaurd?

Cisco virtual ASA Ram overloading

Cisco ASAv NAT with Public IP

Problems with firepower

DCE2_EVENT__SMB_REQS_SAME_MID

Cisco ASA 5525 Licensing

Resolved! Do Cisco 2100 firewalls support IPS functionality?

Firepower FTD Kerberos Captive Portal

Can"t ping sub interface

FTDv High Availability in AWS

ACL on ROUTER for Active Directory

DMZ server access problem

ASA 5555-X high CPU usage

Nexus using sha256 authentication for NTP

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Migrating from Cisco ASA 5525 running SR 9.10 to Firepower 3120

Cisco ASA set ACL of white list fail to function

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM