Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Has anyone else upgraded their FWSM to 3.2(3)? It was just released on Monday, and we upgraded this morning because of the FWSM ACL vulnerability (http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml). Unfortunately,...
Has anyone had experience with placing VoIP core services (CM, Unity, IPCC, etc) in a separate security zone from the rest of the campus through the use of the FWSM? We are about to migrate to that type of environment (where the campus is separated ...
We are currently using a VPN Concentrator 3030 for remote access VPN tunnels. We plan on migrating to the ASA 5520 series for IPSec client connectivity. We'd like to be able to download RADIUS attributes from ACS 4.0 so we do not have to maintain a...
Is there anything on the roadmap for the NAC guest server to use AD as an external database?It seems like it shouldn't be too difficult since the server is already using AD to map sponsor roles.We really would prefer to use a single SSID instead sepa...
Yes, we are running 4.1.3.1 successfully with both 4.1.6 and 4.1.7 agents. In order to get the CAM/CAS to recognize the new AVs that are supported (new McAfee, Norton2009,etc), you'll need to upload the full install agent to the CAM, and then perform...
Unfortunately, there really isn't a dynamic method. We have been going through this process and it is definitely a chore. We basically find out all of the ports that a server is listening on (through nmap scan or netstat locally on box) and have th...
If you don't require the dedicated Gbps per network, you could trunk multiple networks over the same physical link and then create the Vlan SVIs on the ASA. Many people may cringe at that idea, but it would definitely provide you more flexibility wit...
Yeah - I opened a TAC case when 3.2(4) was released to find out more about it. The fix was not tested pervasively, so it is not included in the production release of 3.2(4). You can enable the beta fix in 3.2(4) with a hidden command (to test it), ...
