About m.pinheiro

m.pinheiro · 03-12-2011

Hi there,One of my customers are facing a DDoS attack on their email servers. I am in charge of ASA config.Here is what I have done so far and it was not very effective:tcp-map LimitEmail check-retransmission checksum-verification exceed-mss drop ...

m.pinheiro · 07-20-2009

Hi,After one year and 3 months without any problems I had to upgrade the ASA 5520 from version 8.03 to 8.04 due to a known bug (tcpmss problem).Everything worked fine with one exception: the Oracle application is not working any more.Whenever I remov...

m.pinheiro · 02-15-2009

Hi,I am facing a quite interesting problem with VPN and HSRP.Attached you can find a draft topology of the scenario. Every office has two routers: Main and secondary. All routers have fixed IP address.The Central Site main router has a VPN Site-to-Si...

m.pinheiro · 01-22-2009

Hi,I am facing a quite interesting problem between a PIX 515 and an ASA 5510.The PIX is in the HQ and has multiple dynamic VPN connections (aroung 130) and IPsec remote vpn working just fine. I needed to add one Static PIX-to-ASA L2L VPN and it is no...

m.pinheiro · 01-19-2009

Hello,I have set up Remote IPSec VPN and it is working just fine. I need to access the connected VPN clients and it is not working. I have already added an entry to the nonat ACL allowing traffic from inside my network to the VPN Network.More info:In...

m.pinheiro · 03-13-2011

Hi Sean,Thanks for the reply. Yes, it is on.I could not find any class-map type inspect for SMTP/POP3/IMAP. ASA 8.2(1) has those for DNS, HTTP, IM, etc... Rgs,Marcelo Pinheiro

m.pinheiro · 07-21-2009

Thank you for your response. The first option I already did and it is working.The second is impossible because it is an application server.I was wondering if there is a way to keep sqlnet inspecting with this problem or is it a bug?

m.pinheiro · 02-16-2009

Hi Ivan,Thanks for your quickly reply. I have already tried monitoring the ISP IP or the router interface. The problem is: If I track any other object, I would never get to know if the remote peer (either the central or remote site) is up and the tra...

m.pinheiro · 01-29-2009

Thanks Ivan for your helpful hint.After a long discussion, now I understood why it suddenly stopped working. The supplier was simply changing his configuration without telling me anything.Sorry for the long delay.Best regards.

m.pinheiro · 01-23-2009

Hi Ivan,Here is the conf at the ASA side. This is the suppliers conf.object-group network Test network-object host 192.168.1.88object-group network Remote_NET network-object 10.0.0.0 255.255.255.0crypto map SPEEDY_map 2 match address SPEEDY_2_cryptom...

Member Since	‎05-16-2007 03:04 PM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	15

User Statistics

User Activity

SMTP, POP3 and IMAP4 DDoS attack

ASA 5520 - Sqlnet inspection dropping connections

VPN and HSRP interesting problem

PIX and ASA Static, Dynamic and RA VPN not working

Access Remote VPN clients

Re: SMTP, POP3 and IMAP4 DDoS attack

Re: ASA 5520 - Sqlnet inspection dropping connections

Re: VPN and HSRP interesting problem

Re: PIX and ASA Static, Dynamic and RA VPN not working

Re: PIX and ASA Static, Dynamic and RA VPN not working