Cisco Firewall :: How To Configure ASA 5510 CSC Anti X Edition

Dec 13, 2011

how to configure ASA 5510 anti X edition ? Can I have a link explaining the configuration step by step ?

View 2 Replies


Cisco Firewall :: ASA 5510 Anti-replay Window For VPN?

Aug 11, 2011

tell me the command to view current anti-reply window size in ASA 5510?

View 7 Replies View Related

Cisco Firewall :: To Enable Anti Spoofing ASA 5505

Apr 24, 2011

What is Anti Spoofing in ASA 5505. Can I enable it on ASA 5505. If yes , port will be inside or Outside. ? or both ?

View 1 Replies View Related

Cisco Firewall :: IS There Any Drawback To Enable Anti-spoofing In All PIX 535

May 30, 2011

We are runing PIX 535 with software version 8.02. In ASDM,  I see  anti-spoofing is diable in all interfaces. If I enable it, is there any negative effect? Can I enable it in DMZ, inside, and outside interfaces?

View 2 Replies View Related

Cisco Firewall :: PIX 525 Anti-Spoofing Attack Protection

Mar 19, 2011

I have multiple questions about the PIX 525 software version 8.0(2) ASDM 6.0 (2)I am a windows network admin that is new to Cisco and routing in general. I have read through the forums and the Cisco documentation, but have not been able to fully understand the topics discussed within.

1. Anti-Spoofing Attack Protection
2. Scanning Threat Detection - Auto Shun
3. NTP Sync Verification
4. QoS implementation5. IOS and ASDM Backup
This option is currently DISSABLED for all interfaces.I know what ip address spoofing is, but what is the functionality of these options specifically? How does it work and should I enable it and for which interfaces? Second Question: Scanning Threat Detection - Auto Shun
I found this option in ASDM under: Configuration --> Firewall --> Threat Detection.Enable Basic Threat Detection and Enable Scanning Threat Detection are both currently ENABLED, but Shun Hosts detected by scanning threat is currently DISABLED. Also, the Networks Excluded from Shun field is empty. I know what the shun command does. I have used it many times when I have been fortunate enough to catch some piece of **** trying to spam my mail server or gain access to it.
What I am asking specifically is how does the Auto Shun work? Should I enable it and what are the potential consequences? Also, what exactly is a scanning attack?
I am not familiar enough with the PIX and with the topics discussed in the document to successfully apply the info within. Plus, I'm not sure it covers the kind of basic, all-inclusive bandwith cap I would like to put in place.
The goal is to cap the maximum internet (outside) bandwidth that inside5 can use to a reasonable percentage while allowing the other interfaces to have the remainder.

How would I go about this implementation? 2. Is there a way to allow inside1 - inside4 to use max bandwidth when there is no traffic on inside5?
I am probably, at least, the third owner of this device and I do not have an account with Cisco nor can my tiny (perhaps non-exsistant given the current economic state) IT budget afford any form of support or software licensing with them.My goal is to backup the IOS and ASDM data in the event that I have to replace the device due to a hardware failure.
I found a file transfer function within ASDM which allowed my to copy the files pix802.bin, asdm-602.bin and tfp from flash to my desktop computer. I also have a copy of the activation key info and my current configuration.
1. Have I backed up all the data/info I would need to restore this software and ASDM to another unit.
2. The activation key screen also has a serial number field. Is this the hardware serial number or is it for the software? and is it tied to this device specifically or can I use it to restore another unit if necessary?
3. Is there anything else I should do or be aware of regarding backup and restore for the PIX?
4. What is the tfp file?

View 1 Replies View Related

Cisco Firewall :: How To Configure Firewall Access For ASA 5510

Nov 4, 2012

This is my first time to use the Cisco ASA 5500 family. I have a request from a user to create an access rule, to allow all LAN traffic to Destination IP address, with Destination TCP port 5060,5061,5070 and UDP port 50000-52399.

View 9 Replies View Related

Cisco Firewall :: ASA5540 - Disabling Anti-Replay For Specific Tunnel

Sep 23, 2012

We need Solution for disabling Anti-Replay on the Firewall for a specific tunnel. ASA 8.4(2) ) does not support disabling Anti-Replay on specific Ipsec tunnel , is it true , then if we want to disable Anti-replay , what we have  to do in ASA5540 .

View 4 Replies View Related

Cisco Security :: How Many Default Context In ASA 5510 Security Plus Edition

Aug 8, 2006

ASA 5510 security plus edition will it support active/active failover. and does it support context with securiyt plsu edition. and how many default context do we get with asa 5510 security plus edition.

View 3 Replies View Related

Cisco Firewall :: Adding Content Security To ASA5510-BUN-K9 Edition

Sep 27, 2012

I have an ASA5510-BUN-K9 in this version:

Cisco Adaptive Security Appliance Software Version 8.0(3)6
Device Manager Version 6.0(2)
Compiled on Thu 17-Jan-08 17:42 by builders
System image file is "disk0:/asa803-6-k8.bin"
Hardware:   ASA5510, 202 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

The question is what i need to add the CSC10 SSM with content filtering and url filtering to this version of ASA? Do I need more ram? Do I need more flash? Is this version compatible with the CSCSSM hardware? What licenses i need for 100 users?

View 2 Replies View Related

Cisco Firewall :: How To Configure ASA 5510

Sep 11, 2011

I'm having a problem configuring an ASA 5510.  A previous employee started the config and left abruptly. He established a VPN Tunnel between two of our sites and that's working without an issue.  The problem is, the network behind the 5510 at the remote location cannot access the internet. 

ASA Version 8.2(1)
hostname PH-Firewall
enable password HXrQty4kqW8s8yeE encrypted
passwd ucA.qrYJWD9UyIFz encrypted


View 12 Replies View Related

Cisco Firewall :: Configure DMZ On ASA 5510

Mar 3, 2013

I am confiuging a DMZ on my ASA 5510 but I have run out of physical ports, since I have dual Wan ports configured.  I plan to implement a DMZ using subinterfaces.  I have 2 questions:
1) Do I need to configure a Vlan to complete this task?

2) Do I need to re-configure the other interfaces for subinterfaces and/or vlans as well?

View 4 Replies View Related

Cisco Firewall :: How To Configure ASA 5510 8.2(1)

Jul 25, 2011

I'm trying to configure an asa 5510 8.2(1)?I have a range of pub ips 3*.108.234.145-150
>>> E0/0  3*.108.234.146 outside public     
>>> E0/1  inside       
>>> E0/2  dmz          
would like to map dmz host to external 3*.108.234.147 on port 5000 and 50001 LOCAL LAN should also be able to get to dmz host ports.i've tried a few configs and also following this example:
without any luck, here is my config, also posted the out put of show arp which is able to see and ping the host on dmz, also the output of show access-list which shows hits to it.
prophase-pix(config-if)# show running-config
: Saved
ASA Version 8.2(1)
hostname prophase-pix
enable password  encrypted


View 2 Replies View Related

Cisco Firewall :: How To Configure ASA 5505 And 5510

Mar 18, 2012

I am absolutely new in the enterprise firewall world but I would like to start learning how to configure ASA 5505 and 5510. I did some research myself and I found that the material or the topic itself is a huge adventure (lots to read and understand). My company uses IOS versions until 8.2 due to the differences in the NAT-ting rules with 8.3 and 8.4.

View 1 Replies View Related

Cisco Firewall :: Configure ASA 5510 For ActiveSync

Feb 28, 2012

I need to allow connection from IPHONE (in Internet) to connect Exchange on private network, synchronising with activesync (https) We have a microsoft TMG on frontal (inside network)
What is the method to parameter CISCO ASA using clientless access: Port forwardind? smarttunnel, web proxy? Nat?
i want the activesync request to cross ASA to go directly on TMG without asking password and user

View 2 Replies View Related

Cisco Firewall :: ASA 5510 - Getting Error When Try To Configure

Aug 21, 2012

I recently bought an all brand new ASA 5510 and it is here by my side. I'm trying to configure it but when entering I get Page Not Found error on IE. I'm able to ping and have success telnet 443 port.

View 13 Replies View Related

Cisco Firewall :: 5510 - Load IOS And Configure From Another ASA?

May 2, 2011

Have a new ASA 5510 connected to the laptop via console. I need to load the IOS and the configure from another ASA. I have tftp client on the laptop. Do I just need to set the inside IP to the same subnet as my laptop? Will I need a crossover cable?

View 1 Replies View Related

Cisco Firewall :: Unable To Configure NAT ASA 5510

Jun 15, 2011

I have an ASA 5510 and I can not configure fine.

My problem is that I have 10 public address connected to ASA and each public address is redirectioned to an internal IP address.
An of these public address is the ip address of mi ASA.
how to configure and access-list and an NAT, the others I will configure.
interface Ethernet0/0
description Interface_WAN_World-Ttrends
speed 100
duplex full
nameif outside(code)

View 59 Replies View Related

Cisco Firewall :: ASA 5510 - Configure HA Failover

Jun 8, 2013

I have 2 ASA5510-SSL50-K9, can I configure HA Failover ?

View 7 Replies View Related

Cisco Firewall :: 5510 Need To Configure Public IP In Few Devices

Apr 13, 2013

I have a few devices that the manufacturer told us we have to set with a public IP (No Natting) We have Internet ->ASA5510-> Switch 3550 with 3 vlans.  Up to now we have always use Natting to configure internet access to specific devices. I heard setting up a witch with one VLAN connected to the internet and all other internals is a bad idea. that was the only Idea we had.

View 3 Replies View Related

Cisco Firewall :: How To Configure NAT Port Range On ASA 5510

May 22, 2012

i have a cisco asa 5510 and would like to add a NAT rule for a range of ports like 50000-59999

View 15 Replies View Related

Cisco Firewall :: Configure Internet Access - ASA 5510

Dec 9, 2012

I have to configure a default-factory firewall (ASA 5510) in a simple scenário like this image represents:At this moment i have configured the interfaces as represented above and at this moment what i want is grant access from a LAN computer ( to the internet.
Should i configure some acl? I read that all traffic from an interface with a superior security level to other interface is allowed, so since my inside interface has a security level of 100 and the outside 0, it should be possible access to internet from an inside computer?!
From all configurations and examples i have seen around, they all contemplate a fixed IP address from the ISP, but in my scenário i have a dynamic one. This fact matter for the configuration i want to do?

My firewall is running the software version 8.2(5).

View 7 Replies View Related

Cisco Firewall :: Configure ASA 5510 For Internet Access

May 10, 2013

Cisco ASA 5510 and I want to configure it as an access gateway following this .[URL] the basic configuration steps on what to do on ASDM.

View 2 Replies View Related

Cisco Firewall :: How To Configure 4GE SSM Or ASA 5510 Internal Data Ports

Feb 4, 2013

I have inherited an asa 5510 whit 4GE SSM module installed. The asa runs fine, but i can not use the 4GE SSM ports. Using  ASDM or console i can get and configure the gigabitethernet1/x ports but i can not get traffic on it. The ping from the console to the ip address of the Gigabitethernet1/0 is successful. On switches or hubs connected to those ports i can not see the port's mac address. The two Internal-data0/0 and Internal-data1/0 are down and i can get they up. How to configure 4GE SSM or ASA internal-data ports.

View 8 Replies View Related

Cisco Firewall :: 5510 To 5520 Configure File Transfer?

Jan 3, 2013

Is it possible to import the config of a 5510 to a 5520. Trying to replace two 5510's with 5520's and wondering is there a way import the existing config files for the 5510's into the 5520's?

View 3 Replies View Related

Cisco Firewall :: How To Configure 5510 - 2611 Router / Two 2960 Switch

Dec 29, 2012

I have one Cisco ASA 5510 with 2611 router two 2960 switch how to configure.

View 1 Replies View Related

Cisco Firewall :: Configure ASA 5510 For Individual Server Traffic Routing

Jan 27, 2013

I am wondering if this is possible. We have multiple internet connections with fixed IP's coming into the office. We'd like to use one for FTP backup and another to service our websites. From what i have read a 5510 doesn't do policy based routing, but we'd like to configure our ftp server to use one of the internet pipes and our webserver to use another internet pipe. Is that possible?
We'd have two outside fixed IP interfaces and two internal interfaces. I could then use one of the internal interfaces for the web server and the other for the FTP server. consequently if the internal web server and FTP server use the fixed IP"s corresponding DNS server wouldn't that effectively route all FTP traffic out one interface and all web traffic out the other?
Then the FTP traffic would be NAT'ed to an internal interface and the HTTP & HTTPS traffic would be NAT'ed to a separate internal interface.
Then if each of the internal servers used the corresponding internal NIC on the ASA as it's gateway and the fixed IP's that correspond to the external DNS server, then it would affectively only use that gatway out for traffic? Would that work? Does it should route traffic out those pipes correct? Will the asa support two different next hop routers for the two different interfaces?

View 2 Replies View Related

Cisco Firewall :: 5510 How To Configure Local LAN SMTP Traffic Sending Through New Leased Line

Jun 11, 2012

We have configured ASA 5510. We have configure Ethernet 0/0 ( Outside ) connected with ADSL line and Ethernet 0/1 ( Inside ) Local LAN. we have configured NAT and all the traffic is passing through outside interface. Now we have connected ethernet 0/3 ( leasedline ) interface with static public IP. Now we want to allow  SMTP traffic to pass through  from this interface.
How to configure it if we want our local lan SMTP traffic sending through new leased line ( Static Public IP ).

View 2 Replies View Related

Cisco :: Difference Between Anti-virus And IPS

Mar 10, 2012

If I have an updated Antivirus in my network, do you still recommend having IPS installed in my network?

View 1 Replies View Related

Cisco WAN :: Anti Spoofing With 3825

May 5, 2011

Is there any way  to configure 3825 to ensure that all packets have a source IP address  that matches the correct source interface (similar to ASA's 'ip verify reverse-path interface')? Currently, we manage anti spoofing with a bunch of ACLs, however I'm looking for a more manageable solution.

View 2 Replies View Related

Anti-Virus For SBS 2011?

Aug 24, 2012

AV for SBS 2011 that also works with Exchange 2010? I found Trend Micro Worry-Free Business Security Advanced 7, but unfortunately it doesn't seem to have a free trial.

View 5 Replies View Related

What Is The Function Of Anti Static Protection

Jul 26, 2011

what is the function of anti static protection

View 1 Replies View Related

Dell :: XPS 17 3D Edition With No 3G

Jul 23, 2012

My specific Dell is the XPS 17 with the 3D screen (Model: XPS L702X). I checked product support and on this laptop it states a 3G card is not available on the 3D panel. I'm wondering why did they exclude the 3G card from this laptop. As far as I know, a 3D panel will have no effect on a 3G card (when Installed). Or is it they used the port for the 3G card for the 3D panel which I find highly unlikely.

I have contacted customer support but the people are not very informative. How to make this 3G card work in this laptop or how to get one in and make it work? 

View 4 Replies View Related

Cisco :: 5505 VPN Failed Anti-reply Checking

Apr 4, 2013

I have many VPN sites using ASA5505 with broadband connection and terminating on a single ASA5550.I have a problem with one site. they are having poor performance. One of the issues I can see is an error on the remote ASA 5505.ive tried the reccomended fix using this command: crypto ipsec security-association replay window-size 1024.

View 1 Replies View Related

Copyrights 2005-15, All rights reserved