Hello, I need your help with a problem I have been experiencing for a couple of days.
We got a client with a Wimax Solution. They had a firewall from another vendor and needed to upgrade to a more robust platform so they went with a Cisco 6506-E with a FWSM .
They are using traffic redirection for inside networks, the wimax packet service gateway is not routing internat traffic (public to public IP addresses) instead,public IP addresses assigned to clients are forwarded to the wimax packet service gateway and then the traffic flow is redirected to the outside of the FWSM for firewall inspection. see attached diagram
I already fixed TCP traffic between those networks using TCP state bypass feature, everything works good but ICMP, this has been a total nightmare.
I have a permit any any in the inside and a permit any to public networks in the inside plus the inspect ICMP. With this configuration ICMP is treated as stateful.
when I remove the ICMP inspection, ICMP traffic from inside to outside stops working and redirected ICMP traffic works OK.
Now I tried a solution I read in the book Cisco Press - Cisco Firewalls but it didn't work:
IntroductionFeatured AuthorLive QuestionsQ: In this digital era, how do you differentiate between IT and Cybersecurity? Could you please share your thoughts on this.Q: On a Cyber Security point of view which is the right way to go - CCNP Security or Cyber...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
There has been a lot of grey area when one needs to get started with ISE or when one does not have any specific background.Could you please guide me to what are the thing that one needs to know inside out and what are the things which require only a minim...
Hello Guys, I'm trying to create a simple script to create new objects on FMC via API, but I'm facing issues(Python 3.8). Script(that pretty simple, I'm not programmer, but I'm trying): import base64import sysimport requestsimport reimport ...
NetSec YouTube Channel
The NetSec Team is adapting our content delivery methods to enable our stakeholders to get the information they need from the places they frequent the most. YouTube is the go-to place for billions of users to learn about tech...