Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

“Join

 
Labels

Forum Posts

In Release Notes for the Cisco ASA Series, 9.7(x), there is a mention below:Dynamic RRI for IKEv2 static crypto mapsDynamic Reverse Route Injection occurs upon the successful establishment of IPsec Security Associations (SA's) when dynamic is specifi...

dy2 by Level 1
  • 720 Views
  • 0 replies
  • 0 Helpful votes

Greetings,My customer is asking for a firewall with Number of concurrent VPN tunnels= 10,000 and  Number of security policies: 16,000 . I am not able to find in Cisco this.  Can someone please share their knowledge and experience about this?  Is 2140...

Hi,I have AMP for network on Firepower 2130, have configured file policy etc and have been using this site to testhttps://www.eicar.org/?page_id=3950. Http request are blocked by AMP, however https are not, we then configured ssl decryption, import c...

Somewhere in upgrading to ASA code 9.1.4 and CX code 9.2.1.2 (52) we've run into a known and as yet still open bug (CSCud54665).  The symptom that we experienced was frequent failover back and forth due to 'Service card in other unit has failed'.  Th...

itenroll by Level 1
  • 4016 Views
  • 10 replies
  • 0 Helpful votes

GreetingsI'm attempting to use an ASA to route two VLANs to an outside interface that uses NAT/Port Forwarding on the outside IP to access several servers within one of the aforementioned VLANs. The following diagram shows the topology.    The router...

Untitled Diagram-Page-2.jpg
dctcadmin by Level 1
  • 2304 Views
  • 5 replies
  • 0 Helpful votes

Hello everybody,I have a ASA5505 running OS rel. 9.1(7)32.Between this ASA and the target network are two different lines, one with encryption (S2S VPN) and one MPLS line.Depending on the source IP network I need to route that packets defferently.The...

rherud by Level 1
  • 1365 Views
  • 3 replies
  • 0 Helpful votes

Have a pair of 5515-IPS that are having a pen test done soon.  We need to whitelist the pen test company IP addr from the IPS module. Does anyone have any suggestions on how to do this?  Had thought of possibly excluding those addresses from the poli...

Review Cisco Networking for a $25 gift card