Is there a way to set up a new admin user on ACS 5.2 appliance through logging into the device via SSH?
We lost our password for https access but can get in via ssh. I want to set up another user with https access from the SSH interface.
we are having some trouble setting up our router (Cisco 861W) webserver on the LAN so that it can be accessed from outside (http via port 80). When we try to access it via the web address, we just get the login window of the Cisco router software?
View 10 Replies View RelatedI use 3 interfaces on an ASA 5510. First interface is Lan, Second interface is Outside, Third interface is ADSL The Outside interface is used for VPN L2L and smtp traffic. (Leased line on router managed by ISP)The Adsl interface is used for Http traffic. (Adsl Cisco router) I use this configuration found on another forum subjet for routing.route outside 0.0.0.0 0.0.0.0 x.x.x.x 1route adsl 0.0.0.0 0.0.0.0 y.y.y.y 2 nat (inside) 1 0 0global (outside) 1 interfaceglobal (Adsl) 1 interface static (Adsl,inside) tcp 0.0.0.0 www 0.0.0.0 www netmask 0.0.0.0 The problem is now I have an www intranet server on the VPN remote site. How i can exempt the http traffic to the intranet server routed through Adsl interface?
View 7 Replies View RelatedI was unable to access my ASA 5520 using HTTP/HTTPS even on the management interface. I had upgrade the ASA IOS to asa832-k8.bin and ASDM to asdm-634-53.bin. But, the issue still the same.
My browser show the error message as attach image.
PGA-Firewall-02# sh run: Saved:ASA Version 8.3(2)!hostname PGA-Firewall-02enable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface GigabitEthernet0/0 nameif public security-level 0 ip
[Code]....
I will be adding wireless access points or repeaters on a business network. The business already has one wireless router using a https login, that 15 computers are wired to, through switches. This Secure http router is directly connected to the cable modem.Would I be loosing the benefit of Secure http by adding wireless access points or repeaters that don't support it? Or would they be securely routed by the main https router connected to the gateway?I have never had the opportunity to work with a secure http router before.
View 4 Replies View RelatedMy father works at a mall in a shop and had bought a Brother 2270DW printer (wireless and wired networking) to find that it was a bit bigger than he had anticipated it to be and does not fit on his kiosk desk, and so gave the printer to me yesterday. He was wondering if it is possible to setup the printer so that it could be printed to from over the internet. After I reserved a DHCP IP address for the printer, changed 'admin' and 'user' passwords, and disabled some protocols, I made sure IPP was enabled and that port 631 (TCP) was forwarded on my DD-WRT router.
I added the printer as my external IP address [URL] in Windows, selected the correct driver as provided by Windows Updates, and attempted to send a test page without success.This would be my first time trying to setup a printer for over-the-Internet printing (aka IPP).what I could do to try get this to work?
I have a fresh SR520 that I only did two things to it using CCA 3.2(1):
1. Assign the address of FA4 to be 1.23.456.90 with a mask of 255.255.255.252
2. Declared a static nat of 1.23.456.90 port 80 to 192.168.75.12 port 80
I connected laptops to two ports:
1. FA0 (DHCP assigned laptop the address 192.168.75.12)
2. FA4 with the address on the laptop set to 1.23.456.90 and mask of 255.255.255.252
This is an exercise to simulate a cable internet configuration I will install the SR520 into.I can ping and point my browser to 1.23.456.89 and access the web server running there on port 80 via the inside laptop.I CANNOT point my browser to 1.23.456.90 from the outside laptop and make a connection.
What I am doing wrong with NAT? (I believe the problem lies therein as I did even try telling CCA to delete the firewall and I still could not connect to the inside web server).I have a network monitor (Wireshark) on the inside and see nothing coming across. I THINK I see successful NAT translations in the NAT logging (also in the attachment).
I am trying to set up my router to grant http traffic a minimum bandwidth of - for example - 5,000 kBit (if there is any http traffic).
So I set http min. rate to 5,000 while I set nntp min. rate to 1 However, when I run nntp downloads on several connections (e.g. 10) my single http download never goes above 1,000 kBit. Without any other connections I reach 8,000 kBit.
I am using a single 12 MBit line.
I am having pentium p3 zenith make,window xp sp3 is the operating system. Belkin router N150 is being used.,I am able to get connection through this router on other p4 pc of my friend.,but when I try to connect to my pc.,belkin router set up do not display.,and diagnostic network connection ,indicate that error 12007 could not connect to HTTP,FTP etc., IE 8 and mozilla firefox are installed and both give the same error i.e. connection to internet could not be established
Quote:
Windows IP Configuration
Host Name . . . . . . . . . . . . : home-1d64a843b7
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes[code].....
I am testing out some inspection options on an ASA 5505, and I am running into a situation in which applying a http inspection is dropping all outbound http traffic. I get a "protocol violation" error in the logs.
Here is the setup: I'm not sure why the web traffic is getting dropped.
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
[Code].....
We have an ASA 5510 version 8.3 (2) that we accept VPN users via a radius server. Is there a way to lock down a specific user that connects to the ASA as a SSL client or IPSEC VPN user? If the specific user were to connect to the ASA, we would want the user to have minimal to not access to our system.
View 1 Replies View RelatedI have a question about Cisco ASA 5505 firewall.We need 3 interfaces on the firewall , "inbound", "outbound" and "DMZ" , to control traffic between these zones.
Can we do this with Cisco ASA 5505 50-user bundle , or do we need to purchase Cisco ASA 5505 Security Plus bundle to get the DMZ zone working.
how many remote user connect using Cisco VPN client on Cisco Firewall ASA5520-BUN-K9? Already i read VPN Client FAQ But their have no information about user limitation.
View 1 Replies View RelatedI need to setup a new User ID and Password because of this "email outage" I have a ticket number MAEH04QRPZ
View 3 Replies View RelatedWorking on setting up a Cisco 10008 with PPPOE and it seems like we kind of have it working but only one user can get on.
Here is part of the config:
Cisco-10008#show run
Building configuration...
Current configuration : 4134 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
Also is there a way to show a specific user once they are connected with PPPOE? I'm currently using "show aaa sessions", but was thinking it would be "show pppoe something"
I have 4 story hotel with 40 rooms, 10 rooms in each floor, i want to setup wifi network to cover all the rooms, what should i do or what instruments to use, is it possible to make user based setup for each room.
View 2 Replies View RelatedI am configuring remote access VPN on a cisco router 3845. Works fine.
I was looking for configuring session and idle time configuration for groups and eventually users.
I am using the following Cisco VPN remote access configuration :
crypto isakmp client configuration group mygroup
key xxx
pool mypool
acl 101
max-logins 3
banner ^CHelloo ^C
Is there any command in cisco ios similar to Cisco ASA vpn group 1 session-timeout?
Time Warner used remote access to get into my wrt54g system and create a new user id/password for security. As a result, my hp printer will no longer communicate with my computer. HP says to hook up a usb from router to printer, but there's no usb port on the wrt model I own. I hooked up a usb from computer to printer but it did nada...
View 5 Replies View RelatedACE 4710 TACACS issues ,How to setup user with Admin context access permission. I have enable the TACACS and it can directly put me in Context mode not in Admin Context mode .
View 8 Replies View RelatedI'm setting up a new SF-300-08 with SNMP.I have defined Groups OK.But, when I go to Add User, the Group pulldown is grayed out and I can't add a user.
View 1 Replies View RelatedI'm trying to access the web setup page and I'm being asked for the user name and password. I have the password from the initial setup written down but apparently didn't also record the (changed) user name. It's not "admin" (tried that - and just leaving it blank - already).
Is there any way to recover the correct user name short of resetting the router and setting it up again from scratch?
i have a cisco DPQ3925 , im trying to setup user access for my kids to prevent them from accessing the net , i have set up the time of day and the user setup , but cant get it so u have to logon with the set user names to access the net.
View 3 Replies View RelatedI'm trying to setup a SSL VPN on a 2811. I believe I have the SSL VPN portion understood, but I can't tell because I keep getting stuck on the Certificate Server, ca trustpoint and identity trustpoint configuration.
guide that walks you through the CA cert, Cert Server, ca trustpoint and identitiy trustpoint to ios SSL VPN?
how to configure the ASA to support netflow V9, either in ASDM or CLI mode as welcome.
i follow the PRTG guide it doens't seem success to make the detection on netflow activity
need to know how to setup a security password for my router?
View 1 Replies View RelatedWhat is the best security setup for this model!
View 1 Replies View RelatedHow to set upo configuration & Security after reset
View 2 Replies View RelatedI am trying to get a NAC demo running and am having some issues with a Layer 2 OOB, Virtual GW configuration. Currently I have 3560G switches and would like to assign ports to a vlan based on user roles.
My Auth VLAN is 110 and maps to VLAN 11
Guest VLAN is 11 (172.16.1.0/24)
Employee VLAN is 1
NAS Mgmt VLAN is 20 - CAS is 10.10.20.5 (this ip is setup on both eth0 and eth1 per documentation for L2 OOB Virtual GW)
NAM Mgmt VLAN is 30 - CAM is 10.10.30.5
Untrusted (Eth1) switchport is setup as a trunk allowing only vlan 110 and has a native vlan 999 to blackhole traffic.
Trusted (Eth0) switchport is setup as a trunk allowing vlan 1, 11, 20 and has a native vlan 998 to blackhole traffic.
I also setup a Managed Subnet on the CAS with IP 172.16.1.254 and VLAN 110.Switchport controlled by NAC is access vlan 110. When a machine connects an snmp trap is sent to CAM and is forced into vlan 110. If I try to put the port in another vlan CAM puts it back to 110 immediately. This all seems to be working well.The machine connected to the port gets a DHCP address from VLAN 11. When I initiate traffic from this machine, everything is blocked. If I open a web browser I do not get an authentication page. I also installed CCA 4.1.10 on the machine but it does not find a discovery host and the Login option is grayed out. The only way to get this machine to send traffic is to add a filter for it and force it to the ALLOW option. I did setup a default web login page but I seem to be missing something to get authentication to work. I am running version 4.1.8 with a demo license. The host running CCA is Windows Vista.
How can I set up a network with different security levels to different groups?
View 3 Replies View RelatedHow do I Find network security key after router already set up
View 1 Replies View RelatedFind network security key after router already setup
View 2 Replies View RelatedWe got this software from Cisco and we need to setup this in our network to manage the firewalls.Need to know this software is used to centrally manage the firewalls ?Also how i can i know how to setup this in our network?Assuming this software we will first install on server right? it can be windows server ?Second thing to know is what config changes we have to do on the existing and new ASA so that they can be managed centrally?Also Where i will get the documents that tell me how to setup/install this software?
View 5 Replies View RelatedI have a Rv082 router that works great and I added a Cisco wireless Wap4410n to one of the ports and it works great for all my wireless connections. My problem is I cannot set up any security on the wireless connection. I see it on network majic pro but cannot access it thru my router . Do I have to install a poe switch first?
View 0 Replies View Related
