Cisco Security :: ASA5520 Send Traffic To SSM Module / Internet Connection Becomes Slow

Jun 8, 2011

I have installed CSC-SSM-10 on cisco ASA 5520.I am facing two problems

1 : When I send traffic from ASA to SSM module then internet connection becomes slow and sometimes internet session disconnected.
2. When I try to manual update then following erros shows please see attachment .

View 6 Replies


ADVERTISEMENT

Cisco Firewall :: ASA5520 -CSC SSM (Trend Micro) / Browse Internet Slow

Nov 10, 2012

I recently deployed this module on Cisco ASA 5520 (v8.2.5) at a client's place. I'm having problems. Even if there's 1 user, browsing Internet is super slow. If I were to bypass the CSC SSM (for 10 users) module by removing the "service-policy TEST interface inside" command, browsing Internet is very fast. Based on my troubleshooting, if I were to disable Web Filtering, Web Reputation and URL Blocking & Filtering, and leave all other services enabled, then the browsing is fast. how come I enable the 3 services stated above and browsing the Internet is slow, even for 1 LAN user. I don't have any thing configured under these 3 services. Just by enabling the services alone, it's already slow. It doesn't make sense for Cisco to sell such an expensive product and it can't even handle 1 user with no settings but services enabled.

View 5 Replies View Related

Security / Firewalls :: Why Does Kaspersky Slow Connection So Much

Dec 13, 2011

I have ran speed tests using speedtest.net whilst having my kaspersky internet security 2011 both enabled and disabled.With it enabled, i get download speeds of around 3MbpsWith it disabled, i get download speeds of around 12Mbps3Mbps is awful and loading webpages can take a long time sometimes. What can be done to resolve this problem?

View 3 Replies View Related

Security / Firewalls - Traffic Block Warning On VPN Connection?

Jan 21, 2012

On connecting VPN, i am getting this warning: Enabling VPN connection will block all traffic that doesn't get sent to this peer. After Yes, it stops all browsing. I want to access internet plus vpn connection.

View 4 Replies View Related

Cisco VPN :: ASA5520 Internet Connection Will Drop / Client Disconnects

Jan 8, 2013

A lot of times our users will have a bad connection from where they are connecting in from. Their Internet connection will drop and the VPN Client disconnects but on our Cisco ASA5520, the connection will still be connected and when their Internet connections comes back, they are not able to connect as the session is still up on the 5520. Is there a way to make the connection clear quicker? I have IKE Keepalives on the RA Profile (Confidence 300 seconds, Retry Interval 2 seconds) but it seems to keep the session longer than that. Is there anything I can do to make the connection clear quicker?

View 2 Replies View Related

Cisco Security :: ASA 5510 - Internet Connections Dedicated VPN Traffic

May 22, 2011

We have an ASA5510 and we're currently using 1 internet connection to handle our site-to-site VPN connection and our internet traffic. We have a second internet connection on hand. What we would like to do it use BOTH internet connections: (1) will be dedicated to our VPN connection, (1) will be handling all our internet traffic. How can we get this setup? We're running Software Version 8.4(1)

View 1 Replies View Related

Cisco Routers :: How To Send All Traffic Via VPN - RV082 V3 Hardware

Feb 17, 2013

I found this guide in order to send all traffic from RV042 branch office to the RV082 in the central office: [URL]
 
But that guide is for v2 hardware. I tried and did not work, so I wonder if there is newer info for v3 hardware (firmware v4.2)
 
I have a RV042 in a brach office connected via working VPN Tunnel to a RV082 central office. I want to route all traffic from the brach office to the RV082 in the central office.

View 2 Replies View Related

Cisco :: Firewall ASA5520 Is Very Slow

May 8, 2011

I have one firewall ASA5520, are very slow

View 3 Replies View Related

Cisco VPN :: ASA 5520 - Send PIX501 Traffic Out To Proxy Server?

Mar 17, 2011

I currently have 90 remote locations that have PIX501's. They are all running 6.3 on them.  All of these locations are creating an IPSEC VPN to my ASA 5520 (8.4) at the data center.  Web access at the remote locations is currently being handled with ACL thru split tunnels. This is getting increasingly not fun as I have to reach out and touch them one at a time whenever I have to allow more access to the net. Code...

I would like to keep my split tunnel (if possible) for ports 443 and 21.  I allow access to "any" on those ports and have no plans to change it.

Can I send port 80 down the VPN tunnel to the Proxy/Web Filter and then return the results to the Remote Client.

View 4 Replies View Related

Cisco Switching/Routing :: 2911 Cannot Send Or Receive Traffic

Feb 21, 2013

’m somewhat new to Cisco routers this is my first attempt at getting one to work. I work in an environment with multiple locations, most are using the Cisco Model: 2911/K9 or the Model: 2921/K9 routers running IOS Version 15.0.We just added a new small office and all I had in the way of a router was a Cisco C1841-IPBASE-M router, running IOS Version 12.4.When setting up the C1841 I kept the configuration pretty much the same as the others allowing for the differences in the OS. I can remote into the 0/0 (outside port) from over the network, I can ping to that port without fail, but I can’t send or receive traffic from the 0/1 (inside port).

View 1 Replies View Related

Cisco Firewall :: Unable To Send IPv6 Traffic Through ASA 5510?

Oct 9, 2011

below is my sanitized ASA 5510 config.  got an IPv6 T1 from at&t and im unable to pass any traffic from my LAN clients out. 
 
:
ASA Version 8.2(2)
!
enable password PoBmYYxuAzCciKRA encrypted

[Code].....

View 6 Replies View Related

WRV54G - Server Cannot Send Outgoing Traffic Through Network

Dec 30, 2011

I cannot get my server to send outgoing traffic through my network. I.e. If i try to connect to any of my services i get a very weak connection. Now, i can still CONNECT, i just don't get any data flow. I cant even PING the server internally, it just times out. Now, regardless of whether i use my internal IP/external domain, i get the same issue. I logged onto my computer and tried a speed test the download was normal (around ~20mbit) but the upload times out.

Here is the fun part, if i connect to the server using a switch, everything works fine! Is it my router or some stupid configuration issue? Router is a WRV54G (I hate this thing). Server is running windows 2008 and has a virtual machine.

View 3 Replies View Related

Cisco Routers :: RV220W Machine Can't Send Or Receive Any Traffic To WAN Side

Aug 22, 2011

I have a RV220W (running fw version 1.0.2.4) that i am trying to configure for a client.  They are set up on Comcast with 13 available IP's.  I should note that this netowrk is now currently running without issue using a Cisco Pix 506e.  Unfortunately, the Pix is almost impossible to configure using the GUI now as I have to load a 4-year old version of Java now just to get the PDM to load. But I digress.I've set up the RV using the identical settings as the Pix on bth the LAN and WAN side.  When I do, computers on the LAN side can all reach the Internet ok.  However, once I enable one-to-one NAT for an internal server, that machine can't send or receive ANY traffic to the WAN side.  I've even tried setting access rules enabling ANY traffic in both directions, and that has no effect.  Either I'm missing something, or this is just one more bug in this product.
 
Even though it was a bit of a step down going from the Pix to the RV220W, it was done for the ease of setting up VPN's as I was ready to purchase a second one for a new satellite office opening in a few weeks.  It looks like we will be switching vendors on the router side as my faith in Cisco is waning at this point.

View 1 Replies View Related

Cisco WAN :: VLAN 310 - Apply Route-map / Send Traffic Back Down To Switch?

Sep 26, 2011

I have some specific traffic that I am attempting to pull off of VLAN 310 at the router, apply a route-map that sends this specific traffic  back down to the switch on VLAN 55 (and the private address) and once it hits the switch apply a route-map on that VLAN 55 interface directing the same traffic over to the 72.x.x.9 address which goes through a FAP box back up to the router on another interface.

I have attached the config information, I know this isnt the best practice way to do this however right now this is how I have to do this.When runing a trace from the net traffic stops at .2 and when running a trace from my test /30 it stops at .2 as well. I am not sure what to do at this point

[code]...

View 6 Replies View Related

Cisco Firewall :: ASA5520 8.0(2) Does Not Have Traffic Shape Feature

Dec 21, 2011

Recently I want to apply traffic shape on my ASA5520, but after entering the configure mode of policy-map, I couldnot find the shape command.. If I type the command, the device would notify me that there is no such command..  My version is 8.0(2),PS. Police command is working fine...

View 5 Replies View Related

Cisco Firewall :: Configure ASA To Send All Traffic From (3) VLans To Interfaces That Connects To 2960?

Apr 18, 2013

I have a an ASA 5520 connected to a Layer 3 (3750) switch (Inside) and a connection to a 2960 switch (Outside) to get to the internet. . I have created vlan interfaces on the 3750 switch and enabled ip routing on the switch to enable the vlans to communicate with each other.
 
Vlan Interfaces on the switch:
Vlan 100 172.17.1
Vlan 200 172.18.1
Vlan 300 192.168.3.1 
 
I want the devices connected to the 3 vlans to be able to pass through the firewall and get out to the internet.I have connected the ASA to the 3750 by routed interfaces (10.10.10.1) --------- (10.10.10.2) and they are able to ping each other.I have also put a default route on the 3750 sending all traffic from the switch to the ASA inside interface (10.10.10.1)The issue that i am having is that the ASA also connects to a 2960 which has a connection to the Internet, and they are handing off an ethernet connection from the 2960 that sits in VLAN 55 (Vlan 55 is the Internet accessible vlan).How do I configure my ASA to send all traffic from my (3) vlans to the interfaces that connects to the 2960 switch?

View 21 Replies View Related

Cisco Security :: Copying Configuration From PIX To ASA5520?

Aug 21, 2012

i hav asa5520 i copying configuration from PIX to ASA5520 (7.2) everything working fine bt problem is that after sometime my DMZ interface losing connectivity ...

View 1 Replies View Related

Cisco Security :: ASA5520 How To Proceed To Get K9 Software

Feb 26, 2013

I have an ASA 5520 K8 with a smartnet contract, how can I proceed to get K9 software so that I will be able to use 3DES/AES encryption key.

View 1 Replies View Related

Cisco VPN :: ASA5520 / L2L VPN Security Level Higher To Lower?

Feb 3, 2011

We have an ASA5520 firewall, IOS 8.0(4), running in routed mode with an operational Cisco 2821 router to ASA-5520 L2L IPsec VPN.:All Internet searches explain how to enable a L2L IPsec VPN from the LOWER security-level interface to a HIGHER security-level interface- and this is how our setup is configured and it is operational and working fine.:We now have a need to setup another L2L IPsec VPN tunnel on the same firewall BUT this time traffic will be arriving on the HIGHER security-level interface destination is to a LOWER security-level interface.:Is it possible to enable a L2L IPsec VPN tunnel between a HIGHER security-level interface to a LOWER security-level interface?

View 5 Replies View Related

Cisco Security :: ASA5520 How To Remove Configuration File

Jul 15, 2007

I want to put the asa5520 to the factory default please let me know how to do that. how to remove the configuration file from it.

View 5 Replies View Related

Cisco Security :: ASA5520 Replace A Fortigate 310B With Products

Aug 4, 2011

i need replace a Fortigate 310B with Cisco products, that is, all Web Filtering, IPS/IDS, AV, so, the question is, what we can use to replace?First, we can use Cisco ASA 5520 right? with CSC Module, so, this for Anti-X, but for IPS? is better router with IPS on IOS? or IPS Sensor? or other Cisco ASA with IPS Module?

View 3 Replies View Related

Cisco Firewall :: Security Context License Requirement - ASA5520

Jan 14, 2013

A simple question - I have ASA 5520s and was wondering what license is required to create multiple (more than default 2) security contexts.

The ASA already have ASA 5520 VPN Plus license.
 
Software Version 8.4(1)

View 2 Replies View Related

Internet Connection Get Slow And Need To Restart Connection

Nov 5, 2011

I have problem with my Internet connection. Recently my Internet connection often get slow. There are 3 connections on the server running Windows Server 2003. 1st is External, 2nd is Internal and 3rd is VPN (please see attahement). There is nothing to do with External and Internal connections, and everytime the Internet connection get slow, I have to disconnection VPN (connection) and connect it again.

View 5 Replies View Related

Cisco Firewall :: Configure HTTP Traffic To ISP2 And Static NAT To ISP1 On ASA5520?

Jun 20, 2011

is this possible to configure HTTP traffic to ISP2 and Static NAT to ISP1 on ASA5520?

View 2 Replies View Related

Cisco Routers :: ASA5520 And RV042 - Tunnel Get Connected But No Ping / No Traffic Between Both End Network

Sep 13, 2011

I configured ASA5520 and RV042 for site-to-site IPSec VPN tunnel.Tunnel get connected, but no ping, no traffic between both end network.
 
Network:
=======
 192.168.113.0/24----------192.168.113.6 -ASA--------public, static IP address------Cisco 2821--------Internet
 192.168.10.0/24-----------192.168.10.1 -RV042-----public, static IP address------Cisco 2821--------Internet
 
ASA5520 config:
----------------------
name 192.168.10.0 VPN
 !
interface GigabitEthernet0/1
nameif NET
security-level 100
ip address 192.168.113.6 255.255.255.0

[code]....

View 5 Replies View Related

Cisco Security :: ASA-5540 / UI - Send Command ASDM Location (network Object IP Address) To Device

Dec 17, 2007

When ever I create a network object in ASDM 6.0(3) the UI also wants to send the command 'asdm location (network object IP address)' to the device.What is the purpose of 'asdm locaction ....'?  Is it telling the ASA-5540 that the IP address is allowed to connect to the device using ASDM?If that is the case why does 'asdm location xxx.xxx.xxx.xxx'get denerated for every network object I create?

View 3 Replies View Related

Cisco Security :: CSC-SSM-10 Module Cannot Update

Jan 28, 2011

I have Cisco ASA 5510 with CSC-SSM-10. ASA anti-virus service can not update the Base and Plus lisense. No Activation Code required for renewal. I go to "Administration> Product License" in the CSC SSM console and click "Check Status Online" to get the latest expiration date.In the module on the Check Status Online has reported the following error when: Base License status could not be checked because of a license server failure. "Please try again later", "Plus License status could not be checked because of a license server failure. Please try again later". UPDATE manual virus database can be seen in the latest available version, can not be upgraded because the service expired.

View 2 Replies View Related

Internet Connection Is Very Slow

Jan 24, 2011

We have a 4mbps unlimited connection and the internet speed which is connected via wireless to 2 systems, is good in one system out of two. the connection in one alone is very slow i mean dead slow.

View 2 Replies View Related

Internet Connection Keeps Getting Slow?

Apr 26, 2012

For the past two weeks or so, my internet connection on my pc has become extremely slow(from 200kb to 10). Not only has it gotten slower, i also cannot download anything without the connection stopping. The problem, i believe began a couple months ago with just youtube videos streaming slower and downloads stopping ever few minutes, but until these past two weeks its never been that much of a issue. I know the problem is isn't my dsl because it works fine with other internet capable electronics so it must be a software/driver issue.The svchost uses up 100% of the CPU when something tries to update so it likely might be a windows based program acting up.

View 7 Replies View Related

Cisco :: Slow Internet Connection On 2811?

Feb 21, 2013

I have my router connected to my ISP, but for some reason I am getting really slow internet connection compared to a home Linksys router. I can only think it may be to the fact my port is set to auto speed and auto duplex.

Sometime the websites are fast, other times slow. Cannot seem to pinpoint the reason since my code is so basic.

View 8 Replies View Related

Cisco Security :: Does ASA5540-bun-k9 Support CSC-20 Module

Dec 13, 2011

One of my client want to upgrade its already installed ASA5540-bun-k9 by adding CSC-20 Module. As per below link CSC-20 is supported with ASA5540. but for any reason the ASA5540 bundle option with CSC Module  is not available that create confusion.Will CSC-20 Module work with ASA5540-bun-k9 [URL]

View 2 Replies View Related

Cisco Firewall :: ASA5510 / Block HTTPS Traffic In CSC Module?

Dec 15, 2011

I am having an ASA5510 with a CSC-SSM-10 module. I am able to block http traffic through the ASA but cannot block https traffic through it. Need to block https traffic using the CSC module.

View 19 Replies View Related

Cisco Application :: ACE20 Module - Capture Probe Traffic?

Mar 5, 2013

I have an HTTPS probe that sometime fail, sometimes does not fail.
 
[code]....
 
The probe that sometimes fails is the TEST-HTTPS. The TCP_443 probe works perfectly well.The ACE is configured in bridge mode.Is it possible to capture the PROBE traffic on the ACE side?

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved