I manage an ASA 5520 with an ASA-SSM module at our university. The ASA-SSM-10 works well in detecting P2P traffic. When P2P is detected, the firewall is configured to deny the attacker Internet access for 1 hour. The "attacker" in our case would ...
Hi,I have configured IDSM-2 in Promiscuous mode using VACLs. I have verified the configuration which is correct, IDSM-2 is capturing all the traffic from specified vlans. Issue is that when I want to block any website let suppose "facebook" for any p...
I'd like to know what the experts advise on reboot intervals for busy 5505s. I mean, even the best garbage collection routines are eventually challenged and memory is never perfectly consoliatded like it is after a reboot.I have a client with 5505 wh...
I recently had a client who admitted to not knowing what he was doing, and, with sufficient access to use some external snmp polling process against his 5510, managed to peg the cpu sufficiently such that we could not asdm to it, only ssh. And, in th...
Hello all. Everytime I try to ssh to my ASA inside interface (12.12.7.36) from 10.10.2.3. I get the following error in my logs. how can I get rid of this?Deny IP spoof from (12.12.7.36) to 10.10.2.3 on interface inside.
Hi,Looking for some advice on Implementing NAC across the enterprise. The environment uses laptops, desktops and thin-clients (Vmware VIEW, VDI) which connect to ESX servers where the actual machines reside (running Windows 7 and Windows XP operating...
Hello,I have purchased CISCO ASA 5510 for Clientless VPN use. This device will be behind Watchguard appliance.Please provide or point how to configure.Thanks,Krishna
HelloHow to overcome "Denial of DOS Attack" on ASA 5510, any recommendations or best practisesConsidering the public ip is not same all the time.thanksSaquib
I have this problem which has been going on now for about a week now. I want to run it by ysome of you before I get CiscoTAC involved.When attempting to load any image on the ASA (ASA, CSD, AnyConnect or ASDM) via the ASDM wizard or cli with TFTP; t...
We have a simple configuration on our 506e and are migrating to an ASA 5510 and I just wanted to know if anyone could tell me what the most effective way is to ensure the 506e config migrates over to the ASA 5510.Thank you,Thomas
Hello everyone!I am working on locking down the access to the internet and wanted to do a quick test. Below is my config with the new line of code in bold. I am trying to block specific ports while allowing everything else.My question is: "Will this ...
I have a Cisco ASA 5505 with the basic 10 user VPN licensces and would like to upgrade themI need help in selecting a upgrade pack that will allow me to upgrade to 25 ot 50 usersThanks
I know I can update them manually but I was just wondering why the latest Windows agent and Compliance Module isn't available for automatic update on the CAM.
Dear Teamcan u suggest how to fix up network vulnerabilities in network let say in firewall internet router 2821 what is the procedure to carry out such kind of things ifrom inside and outside . suggestions and solutions will be appreciated.Thanks an...
