Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a new 5506-X with the Firepower module installed and licensed for the base plus URL and Malware filtering.
The firewall side of things is active and in use. I've configured a global policy for any traffic and forwarding to the FP module. I c...
I'm transitioning clients from WPA to WPA2 and I want to make sure we've gotten most of them. Is there any way to run a report from the WLC to show encryption levels for clients?
As the title says I'm trying to have an ASA (8.2.3) auth against an ACS 5.3 using TACACS+. It only works if I have PAP enabled on the ACS. Obviously this concerns me. I've found the following reference in the configuration guides:TACACS+ Server Su...
I have an ASA as a hub for multiple VPN connections. In this case I have users coming into either IPSEC or SSL VPN's terminating on this ASA. They are able to reach anything except for one site. This site (other spoke) is configured on the ASA for...
I need to tweak some SNMP Views and I'm having a hard time finding something like a best practice document. I've found plenty of references to the usual ip.21 and ip.22 exclusions to block the routing table and ARP. I'd like to locate something wit...
I did not have logging enabled in the URL policy. Turning that on let's me see the traffic with it in monitor mode. Is that still necessary if the SFR is in inline mode?
Thanks!
Ok, here's one from Yahoo. I'm not too worried about putting this one out there. I captured this from IME in both the trigger packet and context data tabs:Ether: ---- Ethernet2 OSI=2 Frame #1 Captured on 2010-11-09 10:06:04.683 ---- Ether: Ether: ...
Is there somewhere private I can post the capture to?I have a packet out of IME for both a Solarwinds session and what I think is a web based email session with American University's website.
yimg.com is one site but we also have some internal Solarwinds sites that are getting spiked by this. I'll see if I can release a packet capture to you.
We're continuing to get hits on all variety of sites, including internal ones. We've scrubbed our stuffand haven't found anything. Can anyone confirm that the signature is perhaps being overzealous? I'd rather not mark it as safe and miss something...
