Network Security

Hi All, I have setup a lab to test ASA faillover situation. The lab is success that Secondary ASA can change standby mode to active mode once Primary ASA is failure. However, When I test stateful failover that use a PC to FTP file from FTP server. Th...

I need to setup 2 VLANS 100 and 55. The topology of the network is internet-->cisco 2811 router-->cisco 515 PIX-->PC users. The PIX is the gateway for the PC users. Normally I would setup the VLANS on the router, but I have PIX now, and I am not su...

Ok, I am stumped, so here I am :)I have a 1721 router with a DSL WIC for a location for their internet access and with a VPN tunnel to HQ. The problem is that SPI lets MOST traffic in and out, but it is blocking some sites... microsoft.com and southw...

Hello, all.I've noticed an interesting behavior of the Windows clients.We have NAC OOB L3 deployment + ip-telephony. Workstations are behind ip-phones (cisco). Users do not have administrator privileges on their PCs.When the user is authenticated the...

I have ACLs blocking most P2Ps on our edge rtrs. But they still coming in...can anyone post their P2P ACLs...I just want to compare with what I have. How about NBAR? How reliable is it running in a large network? TXAlex

Hello all,Is it possible to migrate LMS 2.6 into LMS 3.0 ?

I have two ASA 5520's setup in an active standby configuration. Each pix is configured with a inside and outside interface. I am also using the other two interfaces for the failover, and stateful pair. These firewall's are directly plugged into each ...

Hi All,Sorry for the off-topic but I come froma Unix environment so I am more familiar with SSH than Microsoft Remote Desktop Protocol (RDP).I noticed that with Win2003 Service Pack 1, Microsoft Windows 2003 RDP supports RDP with FIPs compliant. Doe...

I currently am NAT'ing all RFC-1918 addresses out the firewall to the Internet. However, I want outgoing mail to appear to originate from a different IP.So, 10.0.0.1 NATs out as 1.1.1.5010.0.0.2 (a mail server) should browse Internet appearing to be...

We've got a small company with about 50 employees. Currently we are about to upgrade our Internet connection to Metro Ethernet and along with that are looking at replacing our Linux based firewall with an ASA 5510. The question however is what soluti...

hellowe have 2 5550 ASAs in active-standby mode - please see attached diagram. the ASAs LAN Failover, Stateful Failover and Inside interfaces all physically connect into Cisco catalyst 6500s.we're about to test the resiliance of our network design b...

I have an ASA 5520, running 7.0(6), that I have configured for multiple contexts. Each context has a separate outside network, but I intend for them to each be on the same inside subnet.Interface gi0/2 is connected to the inside subnet, and this int...