I recently deployed this module on Cisco ASA 5520 (v8.2.5) at a client's place. I'm having problems. Even if there's 1 user, browsing Internet is super slow. If I were to bypass the CSC SSM (for 10 users) module by removing the "service-policy TEST interface inside" command, browsing Internet is very fast. Based on my troubleshooting, if I were to disable Web Filtering, Web Reputation and URL Blocking & Filtering, and leave all other services enabled, then the browsing is fast. how come I enable the 3 services stated above and browsing the Internet is slow, even for 1 LAN user. I don't have any thing configured under these 3 services. Just by enabling the services alone, it's already slow. It doesn't make sense for Cisco to sell such an expensive product and it can't even handle 1 user with no settings but services enabled.
I have IOS content filtering using the Trend Micro subscription service working on a 2911 running 15.1.(3)T3 with the security license option and a 30 day demo Trend subscription. Once I figured out that the content filtering for Trend appears to be completely broken in 15.2 (even using docs for 15.2) I went back to 15.1 and it works great.
Everything seems great so far except I would like to have a more 'fancy' or custom blocked page where a user can have a couple links to either go to the trend micro reporting page [URL] or some other page, and maybe some branding so they know the page is coming from our network and is not some fake security thing or phishing attempt or whatever.
I know I can use the 'parameter-map type urlf policy trend ' section to do a tiny bit of customization of the text that appears on the default blocked page display and there is an option for it to go to a simple redirect instead ('block-page redirect -url') but how to do more with either the built in page or the redirect- url to keep the information of what page the user was trying to access and why it was blocked (category etc.) while adding more features.
Oh, one last thing, this doesn't support any kind of 'user override' or anything like that does it? So that a network can have a filter applied but an admin could override the filtering to allow temporary access to something?
I have installed CSC-SSM-10 on cisco ASA 5520.I am facing two problems
1 : When I send traffic from ASA to SSM module then internet connection becomes slow and sometimes internet session disconnected. 2. When I try to manual update then following erros shows please see attachment .
I have a asa5520 with five Internet IP.One for the internet interface and the others are static maped to dmz hosts. It runs rightly until yesterday.Now it will lose the connection to the gateway many times everyday and the dmz hosts can not connect to internet any time. configuration(simplified):
! interface GigabitEthernet0/0 nameif internet security-level 0
I called ISP to check,when ISP clear their router's ARP, the asa will lose the connection at the same time and then the ISP's router couldn't learn the ASA's MAC. After I 'clear arp' manually,The ISP's router can learn the ASA's MAC and the connection recovered,but the DMZ's cann't access internet still (of course,There is no problem between DMZ and ASA ,I ping the internet gateway from DMZ host and can not get any reply.).
Running WLSE 1.3 and it shows No Data Available. Checked the task history for Inventory collection and it is not collecting. All the processes are running. Unable to gather data. SNMP community strings are configured and devices are accessible (AP350's).
Recently installed an ASA5505 for a client. They have Verizon DSL (7mb down, 384up package). So my config is Verizon (Westell) DSL modem connected to e0/0 (VLAN2) of ASA. From there I have e0/1 (VLAN1) connected to a 3COM 2250 Plus 50 port switch.
Since installing the ASA client has been complaining of a major slow down in Internet speed. Contacted ISP and they had me remove the firewall from the equation and hook modem directly to laptop. With this setup I get between 6-7mb download speeds. When I put the ASA back into the mix though, the speed drops significantly. The speed will varry but 90% of the time they do not even get 1mb download speeds.
The configuration is pretty straight forward, not doing a whole lot with the box other then using it for VPN (IPSEC).
i am working on a project called Networked control of inverted pendulum.i have done my simulations in matlab as a hardware perspective.i have to establish a network in a micro-controller board connect sensor actuator controller nodes from the board to the network.
I have two 5520s in a failover configuration. When browsing the internet behind them the speeds average 0.5Mb/1.0Mb Download/Upload. When bypassing the ASAs the speeds increase to 4Mb/6Mb. I have checked the interfaces on the ASAs and there are no errors, collisions, drops, etc.
we have installed an asa 5510 with 3 interfaces : dmz (web server 172.20.0.59;application server 172.20.0.58; server mail 172.20.0.157), inside (lan) and outside (connected to a router for internet connexion). the problem is that the connexion internet is slow in the inside (lan). our dns is in the ouside with ip address x.x.x.60 ( the dns have translated addresse to inside and dmz 172.20.0.60). the router connected to our IPS have x.x.x.33 (our default gateway for internet). there is a simple switch between firewall and router. the inside interface of the asa is connected to catalyst cisco 6509 (the interface gigabit of the 6509 is configured to auto speed and duplex). the asa have base lisence.here is the configuration of the asa and the output of commandes show interfaces (inside, outside), show asp drop , show perform.
firewall# show run ASA Version 8.2(1) ! hostname firewall domain-name xxx.xx enable password dgft12ghkHKM123Z encrypted passwd dgft12ghkHKM123Z encrypted names
I just got a PIX 506e from a friend that was not longer using it. I'm trying to get started with the configuration page. I've reset it to factory defaults, rebooted and connected up ethernet. I can ping the device at 192.168.1.1 and access it via console. I browse the site https://192.168.1.1/startup.html, get the invalid ssl certification, get a login prompt (user/pass) and as the document says I leave it blank. As soon as I hit ok it goes to the 404 error Page Not found.
My company gets horrible service for our company-provided AT&T iphones.So, at this time - I am looking for microcells to boost our AT&T signal. We currently have some macrocell in place, but the problem is that its authentication-based. I want every person - whether its an executive, guest, thief, bystander, WHOMEVER to get a better AT&T signal when they step into our office building.
We are using ASA 5510 with internet link of 40 MB. we are facing issue of slow download speed. we have done all basic troubleshootings like: fixed duplex full on interfaces, checked CRC reeors on interfaces.
we are using around 40 L2L VPN tunnels on same ASA.
We have an ASA 5510 and are experiencing unbelievably slow speeds. I noticed a problem last Thursday with users complaining of slow speeds and realized our interface had a ton of errors and was running at half duplex. I contacted the ISP (we are connected to their 3750) and they swore up and down they were set to full. So they had me switch to full and the interface shut down. I asked them to switch to auto and the interface came back up and we went to full, and of course the errors and colisions stopped. However the errors and packet drops have not stopped. The ISP sent out a technician and they determined it wasn't a problem on their end by plugging in a laptop and testing the speed--that worked fine. Eventually I plugged in a Sonicwall and bypassed the ASA completely and that worked fine. We plugged the ASA back in and we we went back to dropping packets. I put an old config on the ASA and oddly enough it seemed to have fixed the problem but we were still dropping packets. So I put the most recent config back on and that worked fine up until today. We're back in the some boat we were last week. So my first question is when I do a show int and see packets dropped - is that normal because of ACLs etc, or would that be show in another place? Here's an output of show int and show asp drop:
HQ-ASA# show asp drop Frame drop: Flow is denied by configured rule (acl-drop) 3366 NAT-T keepalive message (natt-keepalive) 423 First TCP packet not SYN (tcp-not-syn) 406 TCP failed 3 way handshake (tcp-3whs-failed) 135 TCP RST/FIN out of order (tcp-rstfin-ooo) 462 TCP SYNACK on established conn (tcp-synack-ooo) 46 TCP packet SEQ past window (tcp-seq-past-win) 50 TCP invalid ACK (tcp-invalid-ack) 9 TCP Out-of-Order packet buffer full (tcp-buffer-full) 29 TCP Out-of-Order packet buffer timeout (tcp-buffer-
I have not made any configuration changes to the ASA ina couple of months. The interface counters were cleared about 45 minutes ago if that's how quickly the errors/packet drops are adding up.
Our internet connection is connected to an ASA. The download speed is ok but the upload is very slow. we have been running some speed test from our LAN, and have been also trying to upload/download file.
Our ASA also have the IPS module. I turned this off but we've got the same result.
I send here attach the configuration file of the ASA.
With regarding to the firewall ASA5520, i'm using it in my network, all the confiuration are properly configured and working but with the use of proxy address in internet explorer(e.:18.104.22.168/3128) all the blocked contents as easily accessible simply it bypass all the network through firewall.so will u guide me to block the proxy servers.
Port forwarding done to a DMZ located server on the cisco ASA 5520. Now this host cannot browse but allowed outside to inside access is possible Is there anyway i can give this system to browse internet? may be through the natted IP ( 94.20.*.*)
Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize OutDiscards Gi1/0/17 0 0 0 0 0 182867 GigabitEthernet1/0/17 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is a0cf.5b87.ec11 (bia a0cf.5b87.ec11) Description: QinQ_to_DC2
As you can see, 30sec rate isnt excessive, but as the drops are outdiscards it would appear we are getting hit by the small buffers/microburst issue.
Gi1/0/17 is mapped to asic 0/20 Gi1/0/17 17 17 17 0/20 1 17 17 local Yes Yes
I am working on a friends vista machine and I cannot browse the web internet is connected I can ping say 22.214.171.124 and get a reply but if I ping (url)it say its unreachable. I have reset winsock and the tcpip stack stopped and started the DNS service tried manually entering DNS servers and no luck.
I just installed a new ASA 5505 for an office with three internal subnets. The three networks can each get online fine and ping eachother, but cannot browse to shares on the two internal networks other than their own. How do I configure the ASA to allow all traffic between these three inside networks?
From home I would like to browse my intranet at work where I have a Linux box, which I will call "W", i.e. url...My router at home closes port 22 but maps port 2222 to port 22 on my server "S" which resolves to mydomain.org.
My main machine at home, "M", is where I do my work from home. I thought this might work: [code] On M I tell firefox that S:6666 is the proxy for all sites like url...
So far my browser on M cannot find the intranet web sites with this scheme.How do I make this work? What can I use to debug this
I am running windows XP on a computer that I use solely for my business' POS system - therefore not being able to connect to the internet is a problem as I cannot process credit cards. I have checked with the linksys (for router) and internet service provider - everything is working fine as you can see because I am posting from another computer. However the computer that is hardwired to the modem and router cannot access the internet. I get a "connecting" message then a quick "login failure" then a " internet explorer cannot display this page" message
We usually connect to a remote server through VPN connection. Nowadays we are unable to browse internet after we estabilish VPN connection. I searched many forums and site and got a temporary solution Go go properties of VPN connection - click on networking tab - properties of IPv4/ IPv6 - go to advanced - in ipsettings tab - uncheck "use default gateway on remote network"
After doing this Im able to browse internet but my concern is the external IP should be of the remote system and not my original IP so that I get access to my remote LAN network.Even I'm able to find a temporary solution for this. After doing this setting we need to connect VPN and disconnect it and go for same setting but you need to check "use default gateway on remote network". Now connect VPN and everything seem to work fine , I'm able browse internet and my IP remains of the remote network and everything is working fine till the VPN connection is disconnected.
I have no virus/malware (malwarebites) that i can find. All of the firewall's i know of are off and all antivirus software.I Have a desktop computer with Windows XP Pro. I have Cable internet and I am connected through a modem > router > computer.I will copy & paste (from flash drive) onto here the following commands as i have seen numerous requests for this information on other inquiry's that i have read.
Computer always says it is connected to the internet, but I can only browse sometimes? I can always talk on chat on skype and use spotify. Other programs, like League of Legends I can also use, if I was signed in while the internet was working BUT if I start a game while not being able to browse, the game will crash when I'm about to go in-game. Everyone else in my house can access the internet from same router.
My laptop power cord failed and replacing it is beyond my current budget so must get my old desktop up. I've got it connected but it won't surf the web. Says excellent connection.... But no connection seems evident if I try to go online.
I have an issues with a hp pavillion desktop. I just reinstalled vista home 32 bit and everything loaded just fine open IE and down at bottom left ip address is showing instead of verbal address. It displays internet explorer cannot display the webpage. ive tried diagnose connection problem and it tried to reset netowork adapter with no luck.Reinstalled network card, reset IE browser to default, started in safe mode with networking and still nothing.I pinged yahoo and got 4 recieved 4 sent. I have no errors in device manager. I called Isp provider and they said something is blocking from recieving, i need to take it in to have it fixed. i have 2 other computers on the same network wirelessly working fine, unplugged cable from hp destop and plugged it into other pc and cable is working just fine.
i'm having difficulties with my internet connection.. My internet is plugged in and it says it works. But I can't browse any websites, it's like i didn't have internet. I can play online games, i can go on steam and talk or play online and I could ping in cmd as well. I'm running window 7 64bit.
I have already trying to fix with :
1) reset tcp/ip with netsh thing
2) flush dns
3) uncheck proxy in internet explorer
4) run avira antivirus, malwarebyte, spybot, cccleaner, tuneup utilities
5) try to connect with mozilla, chrome, internet explorer but fail.
5) trying to connected in safe mode with networking but still fail. none of this solution work
Whenever I download from µTorrent, Steam, or Firefox, on any computer in the network, I can't access the internet through a browser.Skype, MSN, and Steam still work, however.I've randomized µTorrent's ports multiple times, but nothing's working. As well, I have tried disabling all firewalls on both systems, but with no luck.