Cisco Firewall :: ASA 5512x Restrict Email Delivery To Ip Address Range

Feb 2, 2013

I was wondering how to tighten the security of my email delivery to a range of ip addresses (I know how on my old firewall but the cisco is quite a bit different).  Right now anyone sending email to a particular ip address on my firewall can do so.  I want to restrict that to two ip address ranges it will accept deliver from.  I'm thinking I need two network objects for the two ranges then add to a network object group.  Configuring the ACL for delivery using that group if I'm correct about that ?

View 4 Replies


Cisco Switching/Routing :: 2955 - Can't Use Interface Range To Restrict By Mac Address

May 20, 2012

I need to only allow 5 Mac Addresses on a range of ports on a 2955 switch.  If I do the following it only changes the first port in the range:
interface range fastEthernet 0/5 - 10
no spanning-tree portfastswitchport port-securityswitchport port-security maximum 5switchport port-security violation restrictswitchport port-security mac-address 00:1D:24:25:F7:AA


View 2 Replies View Related

SNMP Couldn't Make Router Restrict A Range Of Address Allowed To Use A Community

May 3, 2011

I have a XSR-1805 (Version enterasys router here. Got SNMP server to work successfully. The thing is that I couldn't make the router restrict a range of address allowed to use a community. Only is allowed to use SNMP in this case.

View 1 Replies View Related

Cisco Firewall :: 5512X - IP Address Associated With Device Or Is It Interface Specific

Jan 21, 2013

I'm trying to get started on setting up my first Transparent ASA.I understand an ASA in Transparent Mode can now have an ip address with Bridge Groups or some such mechanism. I'm looking for examples of how to set that up and other information below. Is the ip address associated with the device or is it interface specific? Will I be able to SSH with that ip address setup? Can I use ASDM if the Transparent ASA has an ip address? This 5512X has an IPS. Any one who has setup an IPS on this platform knows it has some very particular requirments in order to communicate with the outside world. I need examples of how to do that with a Transparent ASA.How is NAT setup differently (if at all) on a Transparent ASA?Are ACLs done any differently?

View 3 Replies View Related

Cisco Firewall :: 5520 - Multiple Global IP Address Range On ASA Outside I/f

Mar 17, 2011

Got an ASA5520 running V8.2(3) and we want to upgrade our internet bandwidth. Our ISP says OK but we need to install different physical circuit, upgrade CPE router, etc.
Then they say, btw your globally allocated IPs will change - this is a problem as we have Site-to-Site VPN Tunnels, IPSEC RA, etc.
ISP are proposing to give us a 3 month period whereby old & new IP blocks will be routed to our ASA (by means of secondary IP address on their Cisco CPE).
Multiple IPs on the same physical i/f on the ASA require sub-interfaces/IP Addresses/VLAN ids on my "outside" i/f.
Is this going to horiibly break Site-to-Site VPN Tunnesl, IPSEC remote access ?
Will VLANs work at all with IPSEC on the "oustide" i/f at all ?

View 2 Replies View Related

Cisco Firewall :: FWSM 4.0 Email Server Cannot Connect To Email Gateway

Aug 8, 2012

I have a question about NAT behavior on FWSM 4.0. The problem is email server (Company A) cannot connect to email gateway (Company B) on the outside network and it randomly happen. I got this error from server guy "Detail: xlate has blocked the connection between A’s mail gateway and B’s mail gateway". It work fine again after clear xlate on firewall. [code]
1. How FWSM create xlate table like that? I mean it look like NAT0 for but it doesn't has any nat rule for on firewall.
2. What does it mean "connections 24" at the first of line? In the normal time, I only see the connections is 0 like the second line of xlate
3. After clear xlate global, the first line of xlate table is gone then email server can connect each other. Does is a bug on FWSM? or This is a normal NAT behavior of FWSM.

View 1 Replies View Related

Cisco Firewall :: Upgrading From PIX To ASA 5512X

Mar 12, 2013

We are in the middle of upgrading from two PIX's to some new ASA5512X's. To give you some background on the situation we are upgrading these since the PIXs are fairly old. We had one extra that we had to use since one PIX has failed already. The guy that implemented the PIXs orginally was learning how to do so as he went so there is alot of needless config in the PIX, atleast from what I can tell. Another guy that works with me has done some configuration on the new ASAs and has done the majority of it so far. Today we went to install the new ASAs and switch everything over hoping it would work, but that didn't happen. It seems that there is something wrong with our NAT and ACLs somewhere along the lines. The way our network is laid out is that we have two school campus with a site-to-site VPN one is and the other is We also have a remote-access VPN on both ASA's. When we connected the new ASAs up and brought up the interfaces, nothing on the inside could ping the internet nor the other side. The VPN showed active on the ASA's and each ASA could ping the others outside interface, but that was it. I have posted the configs below.
: Saved
: Written by enable_15 at 04:26:18.240 CDT Tue Mar 12 2013
ASA Version 8.6(1)2


View 5 Replies View Related

Cisco Firewall :: ASA5520 8.21 - Setup Routing For Non-contiguous Address Range?

Apr 13, 2011

ISP assigned us the following:xxx.yyy.zzz.32/30 as the outside interface network.This means .33 is the next hop, gateway, or default route.This means .34 is the outside interface on the as the ip address pool.This means xxx.yyy.zzz.65 to xxx.yyy.zzz.127 is the address is identical in all cases.Addresses .35 through .63 are owned by other parties and are not usable to us.The 33-34 setup works using static routing - IPSEC VPN is setup and functioning properly using these addresses.

[ie. Route outside xxx.yyy.zzz.33] 
After NAT and ACL entries are created to provide altnernate external IP address on the outside interface [ie. static (inside,outside) [external ip] [name] netmask and access-list [name2] extended permit tcp any host [alternate outside ip] eq https], attempting to browse to an internally hosted website from an external IP address results in the following messages in the ASDM log.
6 Apr 14 2011 17:58:51 110003 [redacted external IP Address] 37763 [Internal Website Name] 80 Routing failed to locate next hop for TCP from Outside:[redacted external IP Address]/37763 to Inside:[Internal Website Name]/80
How do I setup routing for this non contiguous address range?

View 4 Replies View Related

Cisco Firewall :: ASA 5512x No Internet Connectivity

Jul 8, 2012

I am updating my 8.2(3) code for my new ASA5512 that is running 8.6(1) and am unable to get on the internet with my current configuration from the inside interface.


Outside: ***.***.33.11
Gateway: ***.***.32.9
Inside: /24
dhcp 215.100 - 150

[Code] .....

View 6 Replies View Related

Cisco Firewall :: 5512X IPS In Transparent Mode

Dec 19, 2012

I need to know if the 5512X IPS will work if the ASA is in transparent mode and/or any limitations.

View 5 Replies View Related

Cisco Firewall :: ASA 5512x Hardware Reset?

Aug 5, 2012

Trying to setup a new ASA 5512 and like a ******* I've somehow locked myself out.
how to do a hardware reset?

View 5 Replies View Related

Cisco Firewall :: ASA CX Module Is Now Compatible With 5512x - 5555x

Jan 6, 2013

i found this part number for asa5512x product "ASA5512-SSD120-K9" it's a New Product Hold and under group "Cisco ASA CX Context-Aware Security" Who have know more information about this? Cisco ASA CX Context-Aware Security ASA5512-SSD120-K9 ASA 5512-X with SW, 6GE Data, 1GE Mgmt, AC,3DES/AES,SSD 120G

View 3 Replies View Related

Cisco Firewall :: 5512x - Static Translation From DMZ To Inside On ASA 8.6

Dec 20, 2012

Recently upgraded to an Asa 5512x from a pix 515e. I have an Ipswitch secure MoveIT server on the dmz1 interface that needs to be accessed from both the inside and outside interfaces. I have setup a static nat from the outside to the dmz1 and it works, I can also connect from the inside interface. Now I need the MoveIT server to access the DNS server and email server on the inside interface so it can send notifications. On the pix I just created a static from the inside to the dmz1 using its own IP address - static (inside,dmz1) net mask I would then add the access-list to allow. How would I set this up with the Asa 8.6 commands?

View 5 Replies View Related

Cisco Firewall :: 5512x Any Kind Of SSD Drive Compatible With ASA-CX Firewalls

Apr 28, 2013

I have ASA 5512X and I'm trying to run CX features on it. but the problem is I don't have SSD drive in the chassis. how can I get one? is any kind of SSD drive compatible with cisco ASA-CX firewalls or i should order it from cisco only? what is the part number for that model?

View 3 Replies View Related

Cisco Firewall :: 5512X Any Extra License Or Part Number To Get IPS Features

Apr 30, 2012

url...For the New Firewalls i.e. 5512X , 5515X etc there seems to be integrated IPS and we don't need to order any extra license or part number to get the IPS features .
But for the 5585X It says 2Gbps for SSP10 engine but I have seen in the Dynamic Configuration Tool that SSP10 and IPS-SSP10 are different things . Which means that I will have to order 2 service engines SSP10 and IPS SSP10 to get the IPS features and if I only order SSP10 with that Chasis I will only get firewalling  ?

View 3 Replies View Related

Cisco Routers :: RV220W - Restrict Access To One Web Address Only?

Oct 12, 2011

We will be opening a shop with a number of computers available to the public connected to the Web via one ISP with fixed IP using a RV220W router.
We wish to restrict web access to our company's web site only, say ''; how can we code this in the router?

View 4 Replies View Related

Cisco Switches :: SF300 48 - Restrict Vlan For Mac Address?

Dec 12, 2012

I bought a sf300 48 and made 4 vlans.
How can I restrict the mac address of device can be connect each vlan ? I just want allow the macs for vlan, dont need join the pc to a vlan.

View 8 Replies View Related

Cisco Firewall :: 5520 - Object-group With Network-object Containing IP Address Range

Apr 7, 2013

Does the ASA treat an object-group with a network-object containing a range of IP addresses as a netmask? For example, I can apply this configuration without the ASA throwing any errors though the configuration calls for a 'net mask':
object-group network test
network-object-group mode commands/options:
A.B.C.D  Enter an IPv4 network mask
sh run ob id test
object-group network test
I found that in the documentation it requires a netmask as oppose to a range. Is this a bug in the code? I am running code version 8.0(5)23 on a 5520. If this is not a bug how does the ASA treat this type of configuration when applied to an access list? When I ran a quick packet trace and denied access from that range it looks like the ASA doesn't read that configuration properly.

View 5 Replies View Related

Why Does DSL CKT Gets Bounced With Delivery Of Large Packet

May 20, 2011

Why does DSL CKT gets bounced with delivery of large packet?

View 11 Replies View Related

How To Restore A Msn Email Address

Aug 9, 2011

I think I've done a wrong move and cancel my company e-mail address.I'm not familiar with this , but is it pssible to restore.??..and if so be as clear as possible for each step to do cause I'm not a computer wiz in that stuff.

View 1 Replies View Related

Using Email Address From One Computer To Another?

Sep 21, 2011

How I can transfer an email address from my computer to my laptop?

View 1 Replies View Related

Broadband :: Email Address Has Been Hijacked

Oct 2, 2011

how do i change my out look express email address as it is being used by a hijacker.

View 3 Replies View Related

Need All Email Address Created On Computer

Aug 24, 2012

I have 3 Twitter accounts that all work fine on my iphone and my sony experia phone but I can not get into twitter on my home cpu because I cant find the email address that I used to start the account i tell them i lost it so they email it to my email address on file that they wont share. So I need to find out every single email account i have set up in the last 2 years.How do i do that? I tried the option to security to optioms again and nothing for twitter. I need those account on my desk so i can send photos off my hard drive.

View 1 Replies View Related

Cisco Switching/Routing :: Changing E-Delivery PAK From 2900 To 1900

May 15, 2013

we ordered a data e-delivery PAK L-SL-29-DATA-K9= (FOR A 2900 SERIES ROUTER) but after we received the PAK we discovered that the client actually has a 1900 router. Any easiest way of rectifying this mistake so that we can use the PAK on a 1900 series router?

View 1 Replies View Related

Cisco :: WLC 4400 And Guest Email Address Capture?

Jul 25, 2010

I've got a client with a WLC 4400 series and WCS that wants to setup a public guest wireless access network.  They want to have the users put in their email address to authenticate and they want to capture the email addresses to use for marketing campaigns.  I know you can setup the login page to have them put in their email address, but i can't remember if you have to use an external web server to actually capture and record the email addresses. 

View 7 Replies View Related

Cisco :: Guest Email Address Capture On WLC 2500

Mar 4, 2013

I have a WLC 2500 which I would like to configure with guest access.  I want to set up a web passthrough with email input.  Is it possible to collect the email address information?  Is it stored somewhere in the controller or do I need some external server?

View 1 Replies View Related

Cisco Wireless :: WAP4410N Email Alerts - Where To Put From Address

May 27, 2011

From the WAP4410N admin pages or console you can enable e-mail alerts. You have to set the essential TO address and mail server address. Where can I put the FROM address ? From what I can see it uses the hostname value as from address. The hostname in my case is ap02. Then you could try setting a mail address in the hostname field, but thats not allowed.


View 3 Replies View Related

Broadband :: Ntl Network Lost Email Address?

Dec 10, 2012

can i retrieve my old email address my oll one ass gone it is xxxxxxxxxxxxx edited by moderator: removed email address

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ISE - Cannot Create Guest Account From Email Address

Aug 23, 2012

I cannot sponsor a guest account using his/her email address. When I try to create a guest account, its show as file attached.
For example,      ->>>>>> cannot create    ->>>>>> can create
ISE version
Patch version 1

View 4 Replies View Related

Cisco Security :: V6.3.1172.4 - Change Email Address Of Administrator?

Oct 24, 2012

I am running v6.3.1172.4 of InterScan for Cisco CSC SSM.  The previous administrator has left and I need to change the email address that email notifications go to.  I click "Administration", then I click "Notification Settings" and type over the previous admin's email address. 

When I click the "Save" button, I get:
The email address entered was not recognized.  Verify the syntax and try again.

View 2 Replies View Related

Telnet Connection Error - How To Verify Email Address

Dec 11, 2012

i am trying to validate an email address through telnet connection, i followed these steps How to Verify an Email Address and Find if it is Real or Fake? sadly when i try the "telnet 25"

View 1 Replies View Related

Protocols / Routing :: Determine Country From Email Address?

Nov 8, 2012

I have a list of email addresses, people who have subscribed to a free electronic newsletter. The email address is all the information we have about each subscriber.A satellite office is going to begin handling print and electronic subscriptions for subscribers in Peru. Is there any way to determine which of these email addresses are from Peru?

View 5 Replies View Related

D-Link DIR-655 :: Does Not Accept Any Email Address That Start With Number

May 29, 2011

Router does not accept any email address that start with a number. For example, if you want to set email address in the from field you will receive the following error: The given FROM address ( is invalid. Same error if you use it in the to field.HW ver. A4 running firmware 1.35NA.

View 5 Replies View Related

Copyrights 2005-15, All rights reserved