Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, I've recently configured SSL VPN on an ASA failover pair running 8.4(2). The smart tunnel policy allows RDP clients (native MS client on Windows, MS Client and CoRD on Mac). Early testing looked good for both Windows and Mac. But then I had ...
Hi, I'm trying the IOS IPS solution out in a lab environment and I seem to be getting lots of false alarms on sig 4050 - UDP bomb. Looking at the signature description via go/mysdn, and looking at it's configuration on the router via SDM, I can se...
I have two related questions to SNMP set support on version 5.x of the IPS sensors:1) Is it possible to enable gets but not sets? There is just one configuration setting (enable-set-get to true or false). The docs allude to the default SNMP RW commu...
Is there any documentation that explains the anticipated behavior with a sensor that has the same suspicious traffic pass by (promiscuous) or through (in-line) interfaces on the same sensor?The new Cisco IPS course materials has one short note: If th...
I understand the use of the ? character in a regex to match on 0 or 1 occurances of the previous character. But, I don't understand what it means when it is in braces. Some examples:Sig 3200 RegEx ends with [? \r\n\t], it appears that there is a sp...
Thanks for the clarification. That makes perfect sense & I've seen it used before. I just did some testing with a few regex signatures that have the ? (often among other characters) & it does work this way. So, now I think my question is how is a ?...
This works great, as far as I'm concerned!I've had similar issues with all Cisco devices, IOS, PIX, VPN Concentrator. I'll have to research later if its the same issue. Problem is this verification method requires an SSH v2 client on the box itself...
Right on the nose! When I forced the clients to use SSH v1, the fingerprints matched those shown by the show ssh server-key command.This is certainly a big step in the right direction. But, is there any way to verify the fingerprint of the ssh v2 p...
I am still watching for responses. Obviously there haven't been any. I've played with it some more on my own, but still don't have an elegant solution. I'm not sure how Cisco could have thought adding HTTPS support could be used in an effective wa...
