yuri_slobodyanyuk

Member Since: Mar 15, 2007

English
yuri_slobodyanyuk commented on Anyconnect license clarification needed in Firewalling 4 years ago

Thanks a lotYuri

yuri_slobodyanyuk commented on TAC IPS Media Series, Episode 3 - IPS Placement in Intrusion Prevention Systems/IDS 5 years ago

Great videos, thanks.When doing config videos  can you please clarify the IPS <-> Layer 2...

yuri_slobodyanyuk commented on CCIE candidate in Cisco Cafe 5 years ago

You are right.I would  even go further and say if someone says "Hey I am a CCIE"  he/she deserves a...

yuri_slobodyanyuk commented on Advantages of VTI configuration for IPSec tunnels. in VPN 5 years ago

Great article Marcin, thanks and especially for references.IF only Ciso VTI could be vendor-...

yuri_slobodyanyuk commented on CCIE candidate in Cisco Cafe 5 years ago

I beg to differ (as a consolatory ROI for some 1700 bucks) - CCIE candidate should...

yuri_slobodyanyuk commented on It is either NAT-T or DVTI or zone based firewall or just me in VPN 5 years ago

Thanks Marcin ,tomorrow I will eliminate NAT-T as a possible cause by trying to connect from device...

yuri_slobodyanyuk commented on Do I need to creat an ACL to allow VPN traffic coming in on the external interface? in VPN 5 years ago

FOr sure you have to do something :1) Use the command Collin brought - sysopt , this basically...

yuri_slobodyanyuk commented on snmp-map ASA 8.2 not blocking as should or I get it wrong in Firewalling 6 years ago

THanks a lot , as I suspected I got it wrong. I was trying to block snmp v3 queries TO the ASA...

yuri_slobodyanyuk commented on snmp-map ASA 8.2 not blocking as should or I get it wrong in Firewalling 6 years ago

THanks a lot , as I suspected I got it wrong. I was trying to block snmp v3 queries TO the ASA...

yuri_slobodyanyuk commented on Application Level DDoS attacks - Cisco Guard? in Other Security Subjects 7 years ago

I am not aware of any white paper detailing this, from my own experienceI don't remember in its...

yuri_slobodyanyuk commented on Allowing RDP tunnel over SSH in Firewalling 7 years ago

Hard to belive - SSH encrypts payload,so ASA can't really see what is inside- only ports and that...

yuri_slobodyanyuk commented on ASA 5540 kills SSH sessions through the firewall in Firewalling 7 years ago

Every SSH client has option to enable keep-alive, this will send nop command every so seconds and...

yuri_slobodyanyuk commented on Block login attempts by IP address in AAA, Identity and NAC 7 years ago

This would work (and fill up Syslog records if you have one with messages below) , but can't you...

yuri_slobodyanyuk commented on ccie security and Unix? in Certifications 7 years ago

Speaking from my experience (Service Provider) it would be hard to be CCIE AND havecommensurate...

yuri_slobodyanyuk commented on how asa handle ip address conflicts with vpn's ip local pool in Security Management 7 years ago

I haven't tested for address conflicts but know ASA installs route to ip assigned to VPN user from...

yuri_slobodyanyuk commented on DNS Attack ?? in Firewalling 8 years ago

The only attack I can think of here is DDOS amplification attack - if someone sends DNSUDP query to...

yuri_slobodyanyuk commented on Blocking P2P in Other Security Subjects 9 years ago

Blocking is like that,also if you do a search on cisco.com for "Network-Based Application...

yuri_slobodyanyuk commented on Split Tunnel with PIX 515 6.3(4) in Other Security Subjects 9 years ago

Here is example from Cisco:" PIX/ASA 7.x and VPN Client for Public Internet VPN on a Stick...

yuri_slobodyanyuk commented on IP Inspect in Other Security Subjects 9 years ago

Can you name the book, for the benefit of all us ?ThanksYuri

yuri_slobodyanyuk commented on ASA and DSL in Firewalling 9 years ago

Tu sum up - I've seen at least 3 clients usingASA 5505 and 1 using 5510 that are connected through...

yuri_slobodyanyuk commented on Split Tunnel with PIX 515 6.3(4) in Other Security Subjects 9 years ago

I think it is better to clarify here,as possible are 2 situations:1) PC connects to PIX by VPN ,but...

yuri_slobodyanyuk commented on CCSP SND 642-552 Books in Other Security Subjects 9 years ago

There is the Student Guide for SND 5 days coursethat you get if you attend the course,it is the...

yuri_slobodyanyuk commented on ASA 7.2.2 No translation group found for in Firewalling 9 years ago

few things that seem to get mixed up:1) To your VPN clients you are assigning IPs that belong to...

yuri_slobodyanyuk commented on PIX 503 blocking certain sites in Firewalling 9 years ago

Well,if Websense is ruled out 100% more info I think would help:1) Did you try disabling fixup...

yuri_slobodyanyuk commented on Pix 6.2 - sysopt route dnat in Firewalling 9 years ago

It was depreciated and long ago:" ..The following commands are no longer used to configure the...

yuri_slobodyanyuk commented on Can not connect ASA through SSH and HTTPS in Firewalling 9 years ago

If general connectivity is OK (it does answerto pings when connected to network, right ?)Then I'd...

Bio












yuri_slobodyanyuk's Stats

Points17
Discussion started 3
Answers marked as Correct 0
Endorsed 0
Content Rated 32
Website: