Cisco Firewall :: Block Gtalk On New 2911 Security Enabled Router?

May 8, 2010

I want to block gtalk on my new cisco 2911 security enabled router.

View 3 Replies


Cisco WAN :: Block Some Port From Outside To Inside On Router 2911

Sep 5, 2012

What is the configuration for allow port from Outside to inside( 80,21,https...) and i want to allow traffic from outside to inside only 80,https and 21.

View 1 Replies View Related

Cisco Firewall :: Configure 2911 ISR To Block Peer-to-peer Traffic?

Jul 25, 2011

I see that Application protection - blocking peer-to-peer file sharing traffic is a capability of Cisco IOS Firewall. How do i configure my Cisco 2911 ISR to block peer-to-peer file sharing traffic?

View 1 Replies View Related

Security / Firewalls :: How To Block Ultrasurf Using Fortigate 200AA Firewall

Jul 25, 2012

I'm using Fortigate 200A firmware Versionv4.0.3,build0106,090616 and IPS Definitions 2.00673 (Updated 2009-08-11).

View 1 Replies View Related

Cisco Switching/Routing :: 2911 IP Conflict With Proxy Enabled

Jun 3, 2012

I had problem with  IP conflit address  from cisco router 2911 , all the time the router respond with ARP reply (duplicate use of IP : x.y.z.t with the same Mac Address ) and the IP subject of conflit dosen't appear in any router's interfaces configuration  (basic configuration without dhcp) ,the problem was solved  problem when I desactivete proxy arp but I can't understand this behavior , why arp proxy respond to all IP address with same Mac even the IP dosen't exist in router ?

View 4 Replies View Related

Security / Firewalls :: Connecting To A Security-enabled Wireless Network?

Jan 19, 2013

I am trying to connect to a Security-enabled wireless netowork. I have the key. My problem is that I can't seem to figure out how to enter it. When I try to connect I open the "view available networks"window. I see the network name and it shows a strong signal (all 5 green bars).

View 3 Replies View Related

Cisco Switches :: SGE2010 Does Not Block Ports Even With STP Enabled

Jul 28, 2011

We are experiencing bridge storms and network slow downs and we believe we have traced the issue down to users plugging a cat 5/6 cable between 2 ports on the wall both wired back to a SGE2010 switch.
So we did a test - we plugged a single short cat 6 cable between 2 ports on a SGE2010, our access switch. Suprisingly, even with STP enabled, the switch DID NOT block one of the ports and in a few minutes the ENTIRE NETWORK was down, as CDP, STP, and ARP traffic became a multi-gigabit storm throughout the network.
Why on earth does this switch not block a port that is obviosly looped?
Every other cisco switch since I started on 1900XL's did this in 1999.

View 1 Replies View Related

Cisco WAN :: Install Security Licenses On 2911 Router?

May 27, 2013

i'm trying to install the security licenses on a 2911 router and is giving the error shown in the attached file

View 4 Replies View Related

Cisco Switching/Routing :: 2911 Router With Base And Security

Feb 12, 2013

We have purchased a number of 2911 routers.We got Base & security license as we wanted to enable encryption. However we probably wont use the security.We are replacing 2811 routers.Unfortunately the 2811 routers have FXS ports with 2 - 4 POTS handsets - I completely forgot about these ports when I was ordering.Now I have VIC3-FXS cards which are ok in the 2911 but unfortunately I cant get them to work.I am missing PVDMs (well adapters anyway), and even if I got them the router wont take any commands relating to voice due to the license.Is is possible to 'rehost' the security and turn it into a UC ?I am new to these 2911 and Licensing.

View 1 Replies View Related

Cisco Security :: Block Access To Some Websites On 887 Router?

Jul 11, 2011

I went through all discussions regarding how to block access to some web sites. And I was trying to implement them but it didn't work. I've used 887G-3G-K9 router and UC540, and I'm not sure if it's possible to do that on them or I need to get a license for that or to buy  ASA. How can I check that URL blocking is available feature on those devices?
I've used 2 methods:

1) ACL
2) class-map and policy-map
class-map match-any http
match protocol http url "**"
match protocol http url "**"


View 1 Replies View Related

Security / Firewalls :: Block P2p Software In Network Through Router?

May 5, 2012

My problem is that I want to block p2p software in my network through router, how can i do for this...

View 1 Replies View Related

Cisco Switching/Routing :: 2911 / Block All Traffic But Allow One Way Data Transfer?

Feb 5, 2013

I am trying to connect a Control network that can not have access to the Internet, or any other network for that matter, to my Admin network so that I can retrieve trend data about the plant that goes into a database. Right now the process is print information, hand jam into excel spreadsheet, print again, and hand jam into another excel spreadsheet on the other network. Reports are printed automatically once a day, but would like a simplified way of getting data from one network to the other without having to re-enter data several times. Current policies stipulate no USB drives connected to Control systems. Even if we could loosen that, personnel needed to transfer data is not available and going to each individual machine would take more time than current system.Now that background is laid, I have two 2911 ISR routers with EIGRP configured, each with a 4 port EHWIC card. The 3 L3 ports on the router are setup as follows: interface G0/1 to the internet, interface G0/2 to a wireless  back haul, and interface G0/0 for IT network. I then have 3 VLANs setup on the EHWICs for our Admin network. We will move the IT network to a VLAN on the remaining EHWIC port and connect the two 2911's through the G0/0 interface. I am going to have one computer on my Administration network dedicated to receiving the information and have a program that will take that data and import it to a database. I need to allow only that computer to receive traffic from the Control network and I need no traffic to flow back into the Control network. In other words I will transmit data from the control network to the admin computer using one protocol (TFTP more than likely) and block any other traffic coming out of and going into the Control network.

View 1 Replies View Related

Disable Security Enabled Wireless?

Feb 1, 2011

We have a standard modem/wireless setup that has worked fine for years. Last month, my sister brought her laptop over and, for some unknown reason, choose "set up a connection or network" and unknowingly changed the setup to a security enabled network. I have no idea why she couldn't just log on without any problem. She has the same modem at her house, and I have no problem logging on at her house. Anyway, it now asks for a password, and she swears she never entered one. I can go online if I plug in an ethernet cord but that means my laptop can only go online at my desk. And I cannot use the internet features on my ipod touch. Is there a way to reset the modem back to a regular unsecured setup?

View 4 Replies View Related

Cisco Firewall :: 2911 Router Zone Firewall And IP NAT Enable

Mar 20, 2013

I have a simple setup where I have a 2911 router with three interfaces, Inside, Outside and a second "Inside" interface which is labelled as a DMZ. The Zone Firewall applied to the "DMZ" is actually Inside (until I can work through problems). I need to be able to access a device on the DMZ via its external IP so I have designed NAT to use IP Nat Enable commands. This is now working for me fine. However, since utilising IP Nat Enable, my zone firewall now denies return TCP / UDP traffic and consequently I no longer have any internet access. Looking at the syslog messages, the reason for this is that the router is denying these return flows not because they are matching the outside-to-inside policy, but rather they are matching the outside-to-SELF policy. The router seems the detect that the internet traffic is being returned to SELF, when in reality the NAT rule should pick this up and forward it to inside. I can understand why this is happening, because I am NATting all private / inside traffic behind the external IP of the router, which is assigned to the Gi0/0 interface. [code]

View 1 Replies View Related

Connecting To Security-enabled Wireless Network

Jan 22, 2011

My Toshiba laptop running Vista as an operating connects just fine to the wireless network at my house. However, I will soon be house-sitting at a house that also has security-enabled wireless available. I connect just fine at my house, but whenever I put in the password at their house it says that that it cannot connect because of a timeout. I can't figure out what the problem is, because I recently went to the public library that has wifi and got on just fine. why in the world it will not connect to this specific wireless router??

View 7 Replies View Related

Security Enabled - Laptop Locked Out Of Wireless Network

Aug 4, 2011

My wife and I Security Enabled our wireless network several months ago.We recently moved, and after transferring Internet service, we realized we'd lost our passkey.My wife's laptop has, after one failed attempt to connect to the network, refused to even show the network as an available connection.We currently have the router set to broadcast SSID.We have restored factory settings on the router and completely revamped the security setup.We've removed all other networks in the area as optional connections on her computer.We also replaced the ethernet cord to my desktop because the old one started erratically disconnecting.Nothing's worked.My wife's computer is a Dell laptop using Windows Vista.

View 6 Replies View Related

Cisco Security :: PGM Configuration On 2911?

Aug 29, 2011

I try to configure PGM in my 2911 plattform but it was impossible. I tried with many 15.1 version that support this protocol.
Someone configured PGM over 2911 Routers? What does correct IOS for work?

View 4 Replies View Related

Cisco Firewall :: Enabling IPS On 2911 Router?

Sep 20, 2012

I enable the IPS  on the 2911 router .  I am using the Basic IPS signatures that are inbulid on the routers . But sill it showing , that no signature is active .
ip ips signature-category
  category all
      retired true 
ip ips signature-category
   category ios_ips basic
      retired false


View 1 Replies View Related

Cisco VPN :: 2911 - VPN License / Security Pack

Sep 25, 2012

We are designing a solution for our customer, they plan to connect 5 site to their main office, on the main office, they use CISCO2911, branch use CISCO1921, so my question is:
1, If I want to use IPSec VPN connect branch and main office, apart from the router, I only need to buy the Security pack, like SL-19-SEC-K9/SL-29-SEC-K9, no need to buy SL-19-DATA-K9/SL-29-DATA-K9, am I right? 

2, If I want to use SSL VPN connect branch and main office, apart from the router and SL-19-SEC-K9/SL-29-SEC-K9, I only need to buy L-FL-SSLVPN10-K9 for CISCO2911 in main office, no need to buy L-FL-SSLVPN10-K9 for branch as each CISCO1921 has two default SSL license?

View 2 Replies View Related

Cisco Security :: 2911 Routers - Does ASA 5510 Support BGP

Jan 25, 2012

I have a new BGP configuration that consists of two asa 5510 and two routers 2911 at the back. My question is : Does asa 5510 support BGP?

View 1 Replies View Related

Cisco Security :: Block Port 135 Using CSA On Windows 7?

Mar 13, 2011

I have installed CSA on windows 7 with rule to block rpc port 135.But when i am scannig this host, this port is still opened.I changed OS to Win Vista,Win7 x86, but there is no changes.Is it possible to block port 135 using CSA on windows 7?

View 2 Replies View Related

Security / Firewalls :: How To Block Website

May 20, 2012

I want to block and but my router says invalid domain so if will the guess network be able to go to page and even though I don't block it? I have a bypass account but don't want anyone else to access and Also can you tell me some proxy sites I can block?

View 11 Replies View Related

Security / Firewalls :: How To Block Traffic From A Lan Ip

Jan 16, 2013

when I run nestat -b command. I always see a lan ip sending TCP traffic to my computer with state syn_receivedProto >> Lan Address >> Foreign Address >> state >> Process idTCP >> (my ip) >> ip) >> syn_received >> 4

View 6 Replies View Related

Security / Firewalls :: Block Bad Like Porn Sites?

Jan 22, 2012

how do i block bad sites like porn sites?

View 9 Replies View Related

Security / Firewalls :: Computer Trying To Block Websites?

Jan 6, 2013

my brother's computer has been trying to block numerous websites recently, most notable google/youtube and apple. it doesnt seem to be a problem directly with his firewall, but it's causing many issues. I read another forum post stating to[CODE]

View 14 Replies View Related

Cisco Firewall :: How To Block Websites Using Local Content Filtering On A 876 Router

Nov 3, 2012

I found an interesting manual at this forum for blocking websites whits local content filtering. After I've modified the variables to get more details, I stopped at on question. My current Problem is "zone-pair.
zone security Z-SECRUTIY-SOURCE
zone-pair security ZP-SECURITY source Z-SECRUTIY-SOURCE destination Z-SECRUTIY-DESTINATION
service-policy type inspect CM-INSPECT-TRAFFIC


View 7 Replies View Related

Security / Firewalls :: Block Software With Password Bypass?

Sep 2, 2011

I am currently running a Windows 2003 Server Edition and I have an issue, we run a small piece of software for controlling the nights takings which connects to the tills database on the network.This piece of software is not password protected and is held in a safe, however it has come to our attention that an employee may have taken possession of a copy of this application and we need to block the application been run on the network.Now this is were it gets difficult, I know to stop the application I could just use the Software Restriction Policy with Hash Rules which would solve that. However the problem is that sometimes people WILL need to run this software on the network and not get blocked.These people may not have their own accounts etc so I am trying to workout a way that we can allow someone to bypass the software restriction policy with a password prompt, is this possible or is their another way around this issue?

View 1 Replies View Related

Security / Firewalls - Traffic Block Warning On VPN Connection?

Jan 21, 2012

On connecting VPN, i am getting this warning: Enabling VPN connection will block all traffic that doesn't get sent to this peer. After Yes, it stops all browsing. I want to access internet plus vpn connection.

View 4 Replies View Related

Security / Firewalls :: How To Block Unwanted URLs Or Sites

Dec 27, 2011

How to block the unwanted urls or sites in firewall?

View 2 Replies View Related

Security / Firewalls :: How To Block Websites From Viewing Personal Information

Mar 18, 2012

In my curiosity, when I typed one of my family members, I was so shocked to find that his personal information is right on the websites, as if he gave 'permission' to see his privacy, i.e., his age, marital status, even his home address. when I typed all of my family members, their personal informations are also on websites as if they all gave 'permission' to see their privacy.

It's 'privacy invasion' to see all of our family personal informations.

My question is; How to block websites from viewing all of my family members' personal informations?

View 3 Replies View Related

Cisco Routers :: 881 With Firewall Features Enabled

Jul 13, 2012

I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled.  I see the following commands defining packet inspection done by the firewall software.
-ip inspect name inet-users tcp
-ip inspect name inet-users udp
-ip inspect name inet-users icmp
What I am trying to define is the inspect name "inet-users".  It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.What does "inet-users" define?  I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct?  The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.

View 1 Replies View Related

Cisco Firewall :: How To Verify If CG-NMS Is Enabled On ASA5520

Apr 11, 2013

how do I verify if CG-NMS is enabled on ASA5520. I just need to know if it's enable/install to be enabled and used?Cisco Adaptive Security Appliance Software Version 8.0(5)28..Device Manager Version 6.1(5)51

View 1 Replies View Related

Cisco Routers :: RV042 - Firewall And SPI Enabled

Jan 14, 2013

this is regarding my RV042. Its firmware version is v4.1.1.01-sp (Dec 6 2011 20:03:18), unchanged from how I received it. I purchased less than a month ago. I have a problem wherein the firewall behavior is not what I expect it to be, where I expect only allowed ports/services to be open to a given private IP from the outside but am finding that all are open to that private IP!
Let me describe the current configuration. I am going to blank out all digits of the public IP addresses when discussing them except for the final digits for security reasons.Router's WAN1 is set up as static, X.X.X.189. This is part of my public IP block. WAN2 is disabled. One-to-One NAT is enabled. Three instances of it are set up. One, for example is (a private IP) mapped to X.X.X.180, a public IP, part of our public block. Forwarding is not enabled. There is no DMZ Host. That is set to Firewall and SPI are Enabled. Access Rules for the firewall are set up in addition to the default rules which are present to Deny all traffic with WAN1 and WAN2 as the source from any source to any destination. This to me means that unless I set up Allow actions, there should be no access from the outside, WAN1. As an example of one of my Allow rules, I have this:

Action: Allow
Service: HTTP
Log: Not log
Source interface: WAN1
Source IP: ANY
Destination IP: Single,
Time: Always

My problem: My expectation is that based on the One-to-One NAT setting, the public IP X.X.X.180 is now associated with the private IP, but nothing from public to private is allowed unless allowed by the firewall, which is only set to allow HTTP / port 80 to But the behavior is that is, as presently configured, open to everything from the associated public IP, not just port 80, but all ports! It is as if my firewall rules have no impact whatsoever.

View 3 Replies View Related

Copyrights 2005-15, All rights reserved