We currently have a 3-party SIMS and Snort/TippingPoint IDS in the network. Testing the Cisco module to replace these IDS systems; the question is how to configure the Cisco module to forward events to the SIMS. Thx
Question: is there a way to create a network group using a wildcard? I need to allow access on a 10.0.0.0/8 network that is segmented into 4000 smaller networks. However, within these smaller networks only the 10.*.*.11 addresses need to use ports (21, 137, 443). Is ...
I currently have 32 distribute-lists on two routers that will grow to 155 unless a method can be found. Situation: 2 routers with 2 serial interfaces; each sub-interface has two distribute-lists, one in and one out. The outward-bound lists are always ...
Setup: Static NAT for the SMTP a/v box in the DMZ, which is filtering mail inbound and outbound. Need to keep inbound NATing to the SMTP a/v box, but outbound SMTP needs to be NATed directly from the email servers to the same public MX record. Thanks
The best solution to this problem is to use Fireplotter Software (around $400 US). It shows and plots all connections going through the ASA, and you can sort by top talkers/protocols/bandwidth/etc. Cisco should really buy this product and merge it into...
This fixed a web-based FTP problem, but clients using the command line to access other sites are getting connected but hang on multiple sites. Opening a TAC case.
This is what I found: if a TCP Normalization map is being used and the "Check if retransmitted data is the same" box is selected, then the FTP session fails. Unchecking this box fixed my problem.
The goal is to use the same public IP but NAT inbound traffic to the a/v box and outbound traffic (email server) from a different box/IP address. Some security devices will not accept SMTP from a different IP address. Is this possible?