Cisco Firewall :: ASA5550 Way To Block Incoming Connections From TOR
Nov 29, 2012
I need to block 4000 nodes (Ultrasurf, TOR exit nodes) and I've written a script that will ssh and copy in these objects (prob 100 at a time) into an object group and then put a blanket deny. I don't see a flood of traffic (occassional hits every other day, etc) but I was wondering what the impact would be? Can the ASA handle an object group of that size plus an ACL with it? Any way to block incoming connections from TOR/Ultrasurf?
View 1 Replies
ADVERTISEMENT
Dec 12, 2012
I was configure 3 interface on ASA1st - managemetn (only for management)2nd - gig0/0 is connected to internet with real IP3rd - gig0/1 is connected to local networkI was configure routed NAT to internet.But I have problem with restriction incomming traffic to inside interface (ifname is inside)but I can connect to ip address of inside interface from other ip. It is wrong and i can't understand where is my mistake.
View 2 Replies
View Related
Mar 16, 2012
I start to use the CM. I received a request to block a number,I need to block the call only on the Call Manager or also on the Gateway that I have?
View 6 Replies
View Related
Aug 20, 2012
I would like to block incoming traffic from a specific ip on a specific port
This is what I have
source: interface: wan ip address range: 5.xxx.xxx.226 - second one is empty (valid ip instead of x's) protocol: tcp
dest: interface: lan ip address range: both fields empty port range: 139 - empty field
ON and DENY box is ticked name field has some text in it
I click save and get this pop-up: Incorrect source ip address. Invalid format of the start IP address. Current Firmware Version : 2.11 The ip is obviously valid, what should I do?
View 1 Replies
View Related
Jun 23, 2011
I need to block incoming traffic with Dlink DIR 600. I know how to create the rule source (WAN) to destination (LAN) to deny all protocols. But what IP will I put in WAN? IP address of my Internet? Or how can I enter the ALL IP range in source...format for the IP (it's not 0.0.0.0).
I want to do this because in the DIR log section I'm being PING Flooded. I already un-check "Enable WAN Ping Response" but still receiving the message.
View 4 Replies
View Related
Nov 5, 2011
i have with my Edimax router. I could not make any progress with Edimax personnel in Taipei.
If i connect my vista box directly w/o the router, i can see that port 21 (Filezilla) is open, using WhatsMyIP.org | Port Scanners/Sniffers
When I insert the Edimax br6215srg router, the port is in timeout as reported by aforementioned site (guess the port scanner gets no synack nor reset back to the syn it sends)
The router is set to "disable firewall" or to "enable firewall and DMZ enabled" with as client's ip the one that is configured in the router's dhcp table for the vista box. The NAT module is set to forward port 21 to the same ip. ipconfig confirms that i do get the ip programmed in the router's dhcp table.
I do not want to believe that this edimax box is unable to forward connections!
View 19 Replies
View Related
Nov 18, 2012
I recently moved house to a flat where I now have an adsl wireless router. Ever since I installed it its been major problems for me, my speeds are terrible takes ages to load a webpage and days to download anything. Also I have tried to stream to my apple tv through the use of airplay mirroring but this again doesn't work and an error code appears every time which I then looked up and it says its to do with my firewall blocking incoming connections. I have gone to my routers settings to try change this and it says to select the options by clicking the radio buttons however they do not exist on the page as you can see on the screenshot below.
View 1 Replies
View Related
Mar 2, 2012
I have a Cisco 3745 that is my internet router, I have a domain that directs the web address to the WAN IP address...Can I set up my 3745 to forward incoming connections to my server?
View 3 Replies
View Related
Mar 16, 2011
which product has the capability to receive multiple incoming connections
View 1 Replies
View Related
Dec 19, 2011
We have a Cisco 2911 Router and have configured via BT Infinity Broadband for out going internet access etc. Are there any incoming restrictions ACL settings etc. that will stop us using for ISA VPN, Exchange connections, Intranet, Sharepoint etc. We have reserved 13 Static IP Addresses from the ISP.
View 1 Replies
View Related
Feb 1, 2011
I've been fighting with getting VPN connections working properly with my Dlink router. I set up virtual servers for PPTP and L2TP and could usually get the first attempt to work. Subsequent client connections would always fail.The logs display the following-Dropped GRE packet from 192.168.0.10 to 64.232.xxx.xxx as unable handle packet header. Blocked incoming GRE packet from 64.232.xxx.xxx to 76.105.xxx.xxx.What seemed to fix it was going to Firewall Settings and setting UDP Endpoint Filtering to Endpoint Independent and TCP Endpoint Filtering to Address Restricted.
View 1 Replies
View Related
Jan 3, 2013
How to configure my DIR-615 (Hardware Version E1 - Firmware Version 5.00NA) to:
1. Assign/Reserve IP address for 2 machines.
2. Route a web browser to a server on the first machine (port 80) as a default when another computer or smart-phone or device joins my open wireless network.
I am hoping to eliminate any changes to the IP address of the first two computers so that the server's IP address and port are static. I would also like anyone who joins the network to merely open their browser and be presented with the http interface from my server.
View 2 Replies
View Related
Jan 27, 2011
I am trying to make my computer support incoming VPN connections. I am using Windows 7 Home Premium on the computer I want to make the connection on.I am also using Verizon FioS internet (comes with default router/modem combo) to which I have the DIR-655 router connected. I am able to connect to both WiFi's fine and they work correctly.I think the Verizon router is set to block incoming VPN connections and I think this is why I cannot get anyone to be able to access my computer / internet via VPN. How I can perhaps forward ports and which settings I would need to specifically change in both routers admin settings so that I can get VPN connections to forward to my computer and be accepted.
View 1 Replies
View Related
Jan 15, 2011
In OS X 10.6.5, the following dialogue popped up:.Do you want the application "master" to accept incoming network connections?
View 3 Replies
View Related
Apr 20, 2013
I was at my computer when the desktop appearance and taskbar changed. I immediately opened task manager to see what program might have caused this and didn't see anything out of the ordinary. Then about 2 minutes later my desktop changed back to what it normally is. I then went and disabled remote desktop connections... I think that someone may have accessed my pc remotely, buy I wasn't able to catch them at it. Is there any way to review incoming remote desktop connections historically?
View 3 Replies
View Related
Dec 23, 2011
I've been fighting with my E2500 since I got it back in June with lag, dropped connections, etc. It's a bit intermittent but can hang around for hours at a time when it kicks in. Restarts but the issue always comes back. Most noticeable while gaming online or on a VOIP program such as Team Speak. Generally when it happens If I'm monitoring my Team Speak connection the incoming packet loss shoots up between 20-30%, starting to drop out every other word or so. No out going packet loss. The connection drops are random between computers (I have one mac and one pc in the house) where one will be fine and the other wont, or when the whole system will stay connected and drop all transfer. In the case of this last one it's not my ISP's connection as any streaming happening between one computer and an Apple TV device will also cease. I've also swapped back to my old router (an older model linksys) and all problems have stopped. Fully rebooted and reconfigured the router about 3 or 4 times and am on the latest version of firmware (1.0.003). It was much worse on 1.0.002 but still very noticeable on 003. Also no difference with a different wireless adapter. I've tried the chat technical support but all they did was take 45 minutes to tell me how to reboot my router after telling them I already had.
View 1 Replies
View Related
May 30, 2012
I've inherited an ASA5550 which is missing its SSM-4GE-INC - it was taken out to upgrade a 5540, which is now in production elsewhere in the enterprise. Trouble is, now the 5550 will not boot, it gets stuck after a panic message, and reboots:
Panic: Init Thread - Module SSM-4GE-INC is not present. Rebooting...
I'm taking this as the unit cannot function without this module installed?
View 5 Replies
View Related
Sep 20, 2011
I are currently implementing a new patching schedule (when I say new i mean a company first!!!) and I have identified that the firewalls are all running 8.2(2). I would like to bring these up to the latest version but am a little worried about impact!!! I have setup a test firewall with the config from our live asa's and run the upgrade but have received multiple lines.
View 9 Replies
View Related
Feb 16, 2012
I have upgraded ASA5550 version from 7.2(4) to 8.4(2).
On version 7, I am used to "names" command, like this:
names
name 107.25.1.10 Picard
name 107.25.2.20 Administrativa
By addition, when configuring acls it was very usefull, for example:
access-list inside_access_out line 15 extended permit udp host Picard host 107.25.4.61 eq snmp
On version 8, I have verified that names replacement is no more available:
ASA(config)# access-list outside_access_in permit ip host ?
configure mode commands/options:
A.B.C.D Source host IP address
View 5 Replies
View Related
Nov 11, 2012
I am trying to set up an ASA5550 so that I can access the servers behind it. Simple.
As of now, I am unable to even create an access-list to allow traffic from my remote IP into the firewall. As far as my level of experience with Cisco firewalls, it's basically zero but I have taken the Cisco CCNAX class and feel that I have a good understanding of the fundamentals. That said, we only dealt with routers and switches, and it's not impossible that I'm missing something that would be totally obvious to most folks on this board. I've used CLI and ASDM with no success.
Here are the relevant parts of the config:
[code]...
View 6 Replies
View Related
Feb 22, 2012
I have been getting overrun errors on 3 different ASA 5550 HA pairs with traffic rates less than 100Mbps total. I was told by one TAC guy to split the traffic between the two slots so that traffic comes in one and exits the other to maximize throughput because the 5550 was designed to work that way. Another TAC guy told me to enable ethernet flow control to alleviate the overrun errors because the traffic was bursty, but this doesn't seem to address the root cause of the problem to either. TCP traffic is bursty by nature and has it own flow control mechanism. I can't seem to find any detailed info on why traffic needs to be split for 100Mbps when the marketting throughput number is 1.2G. Is this a design flaw or limitation? Is there a way to alleviate overrun errors?
View 25 Replies
View Related
Mar 3, 2011
I want to run two syslogs, one to Loglogic for compliance and the other to Solarwinds for network administration. Currently the firewall is setup for just the one syslog device. If I add an additional device ie further IP in the config for the Loglogic box will there be any noticeable differences in the performance of the firewall, does affect the cpu utilisation, or memory in any way.
View 1 Replies
View Related
Feb 2, 2012
getting step by step procedure to bring an ASA5550 to factory default setting, so that I can configure it from scratch via ASDM
View 3 Replies
View Related
Mar 4, 2011
Is it possible to establish PBR rules that set the ip next-hop to point directly to the inside interface of the ASA5550?Or, do I need to direct this PBR traffic first to a directly connected router interface and then default route to the ASA?At a high level, here's what we have:
ISP 1 - with /21 IP PrefixNo BGP Routing3845 Edge Router - Default Route to ISP 1PIX535 Firewalls (HA) - Default Route to Edge RouterLAN Core/Distribution - Default Route to PIX535 Inside InterfaceAll applications/services use this egress path for PAT/NAT/DMZ/VPN/Etc.
Here's what we are adding:
ISP 2 - with /24 IP PrefixNo BGP Routing3925E Edge Router - Default Route to ISP 2ASA5550 Firewalls (HA) - Default Route to Edge RouterSame connectivity to LAN Core/Distribution
Goals:Maintain ISP 1 for nowMigrate only end user Internet traffic to ISP 2No disruptions to applications/services using current DefGW to PIX535
Question: how to best use PBR to selectively direct traffic to the ASA inside interface?
View 4 Replies
View Related
Jan 27, 2013
How to schedule automatic Xlate sessions cleaning in ASA5550. I want to clear few global nat sessions manually every week.Is there any way to automate that?
View 1 Replies
View Related
Apr 14, 2013
We have currently install single ASA 5550 and want to install one more ASA for active standby mode, but cisco discontinue or End of sale ASA 5550. can any one guide me ASA 5555X is compatible with ASA5550 on active standby mode or not.
View 2 Replies
View Related
Mar 29, 2013
I have the latest ASDM 7.1(2) & ASA5550 9.0(2). When I try to start Remote Access VPN Wizard, it's just nothing to select in Wizards-VPN Wizards, except "Site-toSite VPN Wizard..."
View 2 Replies
View Related
Apr 6, 2011
I am having some trouble with one of our servers at work. Basically it won't allow any TCP/IP connections as the IPSec driver has entered Block mode. I have been advised by our external IT support (I can't get hold of him at the moment, that's why I am here ) to go into the command prompt and type: regsvr32 pdstore.dll but when I do this is can't find the file.What is pdstore.dll as when I Google this it comes up with nothing, so is this the correct command?
View 10 Replies
View Related
Mar 10, 2011
We are looking to implement traffic shaping/policing primarily for P2P traffic. As natively the ASA5550 is only capable of p2p inspection if the traffic is tunneled via port 80 is the AIP-SSM the way forward? We have 2 5550s in active/active failover config. As a side note we are also looking to implement an IDS/IPS system so could this module cover all?Is this module going to provide the desired outcome or is there another module/device out there better suited for this? I would prefer to use the ASA5550s as opposed to implementing another product if only that we can make use of the investment we already made on these devices.
View 1 Replies
View Related
Nov 8, 2012
I have an SA520 that is being used as a front end firewall. Behind it I have an IP PBX. The VOIP provides are registered and I can make outgoing calls. However It appears that the SA520 is either blocking or not routing the calls. I have opened the ports recommended by both the IP PBX and the VOIP provider. What do I need to do to make incoming calls through the SA520?
View 1 Replies
View Related
Mar 6, 2013
I'm new to ASA's and PIX units. I've setup a few VPN's now but know next to nothing about logging on these units. I read the config guide for the PIX, but cannot figure out how to get a log of incoming SMTP traffic going on the console.Do I need to use a SYSLOG server? I can probably set one up on my laptop.
View 1 Replies
View Related
Mar 15, 2012
I am trying to switch out a cisco pix 501 firewall with a cisco ASA 5505 firewall. I am not very familiar with all of the commands for the firewalls and have always relied on a standard command line script that I use when building a new one. Unfortunately, my script is not working with the 5505. What I am doing wrong with the following script? I've masked public IP info with xxx.xxx.xxx and I run it right after restoring the firewall to the factory defaults. I am able to get out to the internet if I browse directly from one of the servers, but cannot access a web page when trying to browse to it from an outside network. [code]
View 7 Replies
View Related
Sep 4, 2011
Actually all service from site to site is permitted, without restriction.I want to insert an ASA to block some internet traffic on main site.I try to configure my ASA5510.No problem for outgoing connection or to permit a single service on main site.But impossible to give access to all service/connection from all remote site to main site. [code]
View 7 Replies
View Related
