I am not certain this is the correct forum but here goes. I am running an ASA 5520 and a couple of 5510s with the Trend Micro CSC module. I just wanted to filter URLs and block malware. I actived the "standard" settings in the global-policy to check FTP, HTTP, SMTP, POP3 and then try to use the Trend interface to set up everything (minimal to start with).
The results though are not good. My connection to the internet becomes rubbish.
I am unable to create TLS server to server connections until I removed port 25 from the global-policy (even though I had email scanning disabled in the module).
I can't maintain ssh sessions over a site to site IPSec VPN to remote servers, using rsync is out of the question. But ssh is not using ports that are supposed to be scanned or interfered with.
All in all either the CSC module seems to be unusable or the basic configuration needs to be tweaked. I am at a loss to what needs to be done. Has anyone else experienced this behaviour? and if so what did you do in the end?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...