Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, We have a local syslog server which listens on UDP 514 port. As many UDP frames has been cut I've done some investigation and found dropped packets (action requested by IPS). This was 1206.0 signature which is "IP Fragmant Too Small". I have crea...
Hello,Is it possible to limit number of connections per second on ASA 5520 8.2(5) (with IPS module) in a way where it will not drop the connection beyond a certain threshold, but instead redirects rate limited connections to an Apache virtual host th...
Hello,Is there any command which allows to change number of displayed captured packets?I have a following capture setup:capture SFTP_TEST type raw-data access-list SFTP_TEST buffer 200000 interface inside circular-buffer [Capturing - 199102 bytes]whe...
Hi all,I need some help from someone who has experience with configuring VPN on ASA over 2Wire router setup as dmzplus.Topology:ASA 5505 ---- 2Wire (dmzplus) -------------- ( cloud ) -------------- 2Wire (dmzplus) ---- ASA 5505 BT is the ISP on both ...
I have a website with very high hit rate which is protected by IPS. There've been complains about some dropped request so I've gone through IPS Event Viewer and I found many of this:evError: eventId=1321353761353146007 vendor=Cisco severity=error ...
Update:I configured the service policy rule on the firewall to bypass IPS. Still the same.The only one option which works is to disable the signature.Any more ideas?RegardsMariusz
Hi All,Filter settings below:The filter works partially as I don't get alerts on the IPS itself.Firewall LOG:4 Feb 14 2014 15:33:22 39715 514 IPS requested to drop UDP packet ...
Hi Mahi,Simple and effective way to prevent some of these is to set embryonic connection limit on all static NAT entries which are facing outside interface.Command depend on which IOS you are running. More info here:http://www.cisco.com/en/US/docs/se...
