Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Have been running new sensor for about a week now. I implemented in promiscuous mode as the documentation seemed to indicate that inline will tend to bottleneck internet traffic.My questions are :Are you running in inline mode and what can I expect ...
So - I am new to IDS but not so new to everything else Cisco. We replaced our edge network with New ASA 5520 and also ordered the IDS/IPS AIP-SSM-40 Module. Got it installed and it is looking at packets. I decided to go with promiscuous as the doc...
So I'm feeling a bit red faced here as this morning I had a student come in and show me how a product called HotSpot Shield absolutely blows past every type of web filtering, packet shaping , and firewalling I have so carefully set up over the last 5...
I am setting up a pair of 5520s in Failover configuration. Previous to adding the Failover ASA - I had the physical coonects as follows :Internet > Primary ASA > Packetshaper > Web FilterI believe in order to make everything work in Failover mode I ...
I have 2 - 45xx switches and 1 - 65xx switch at my core/distribution layer for the campus. These 3 switches are removed from STP and each has 2 - 1 gig (gbic) Etherchannel connections to the other (triangle configuration). If I'm not mistaken this ...
Typically Inside is Ethernet1 but anyway - I think you need straight cable from inside to PC not xover and then obviously the 6 commandsNameifInterfaceIP AddressNatGlobalRoutesh xlate will indicate whether or not your translation is working Nat/Glob...
Just for starters - Anytime you create an access-list on a pix (or ASA) the appliance will AUTOMATICALLY add a DENY IP ANY ANY as the last statement in that access-list. Even if you do not see it - it is there.Next - it appears that you are using a...
