I have my soho set up to deny any incoming traffic, I would like to log all incoming traffic and its source, but I am kind of at a loss.Any suggestions? Thanks
I have a 4215 and my requirements are to sniff on four different segments of my network.Question:* Do I need to add a 4-FE card to fulfill this requirement?* Or, can I configure the SPAN ports on my switches and route the traffic out to a different p...
Can anyone tell me the difference between NAT-Transparency (ietf draft) and NAT over TCP/UDP from Cisco (IPSec/NAT).Is there any benefits on using IPSec/NAT instead of NAT Transparency?I heard that NAT over TCP/UDP is a Cisco's proprietary implementa...
Hello,The network configuration of CSIDSv4 is below.$ dmesg | grep duplexe100: eth1 NIC Link is Up 100 Mbps Half duplexe100: eth1 NIC Link is Up 100 Mbps Half duplexe100: eth0 NIC Link is Up 100 Mbps Half duplexIf We use "Half duplex", Does IDS drop ...
Hello,I have recently upgraded our FO 525s to 6.3(4). Since then I see the following message in syslog:"305006: regular translation creation failed for icmp src inside:10.x.x.x dst intf4:10.x.x.x (type 8, code 0)"Actually 4 syslog entries are generat...
Hello team,I have a unique policy NAT kind of a requirement.Description of the network:External customers-----------Internet cloud-------PIX (FWSM blade) ---------SVR-1 + SVR-2 (10.10.0.46) (10.10.0.47)Two external IPs are mapped to two in...
I have been playing around with 802.1x in my lab. I have it working with 3550, ACS and Active Directory. I would like to enable 802.1x authentication on all ports in my environment. That presents a problem for devices that don't have a supplicant,...
This issue has been raised previously; it's gained some visibility recently out at SANS although so far no one has an answer. I and a number of other folks occaisionaly see two or three alerts in a row regarding IP fragments, with the source and des...
Hi,anyone have a good list or configuration guideline that tells you how to effectively block these instant messaging applications on the PIX firewall?- AOL Instant Messenger- MSN Messenger- Yahoo! Messenger- ICQHave several customers who need this k...
How can I test my IDS to see if it is working? Have not been able to detect any shun blocks in my PIX 515. Not sure my IDS is triggering shuns to the PIX?
Hello,I have multiple issues with changing IP/hostnames, or in one case same host name, new mac. In about 30-50% of the times/cases, I can simply clear arp on both our cisco 2600 router and on the cisco pix and get things work fine again. However, in...
Hi.We are running a PIX 506E firewall in our company. I know that failover on this model isn't an option. So I bourght another PIX 506E to backup the running one if it should die on me. I savde the running configuration of the PIX that is running on ...
Q1 Can IDs monitoring interface monitor both incomming and outgoing traffic simultaneously (i have just one ids monitoring interface on ids)?Q2) If i have only on monitoring interface on my IDS, can I monitor traffic thats comming via two different r...
Can CSA-MC be purchased separately? or do we need to have Cisco works VMS so that it can be installed?Moroever, Will CSA Agent alone be having any worth without CSA-MC??please comment...
Ok...this may not be the best way to firewall, but i somehow did it once and can not remember how to stealth port on a router, i use it as a firewall, it works pretty well actually, but when i did a external port scan on it i had warnings of VISIBLE ...
