All of a sudden when trying to access my pix 515e with the PDM I get the following ,Gateway Failure The upstream server did not respond correctly to the request. The error was Connection timed out.
View 4 RepliesThe ACS is connected against AD correctly, as people from administrator group access successfully to device admin.AAA Clients are defined (autonomous APs) matching radius protocolPolicy elements > Authorization > Network Access, a new profile has been created to guaranteed the access to the network with all the combos in the default valueA new Access Policy > Access Service has been created (WIFI) matching protocols EAP-TLS (I think this is the problem)Identity is set to AD1Authorization has a rule with compound condition, matching AD1 -> External Group -> Wireless group, and Authorization Profiles set to the one created in step 3.
View 1 Replies View RelatedAccess Security DVR Outside Network? We are trying to get a Swann DVR4-1300 to work with our iPhones outside of our LAN.
View 1 Replies View Relatedhow to perform port security or mac access-list on LAN ports of router 861 or 881.There are commands access-list 700-799 , but I don't know how to apply that access list on configured vlan or particular port.
View 1 Replies View RelatedI try to configure my CISCO ASA 5505 for remote access vpn, and I encounter the following issue : Secure VPN Connection terminated locally by the Client. Reason 412: The remote peer is no longer responding. [code]
View 2 Replies View RelatedI still can't access ASDM. I deleted the old ASDM versions and upgraded to ASDM 7.1(1)52 which shows compatible with ASA 8.2(1). I'm on an inside NAT address connected to Eth 0/5, 192.168.1.5/24. I can ping and SSH to the FW but no ASDM. Following is passing traffic and everything else works just fine.
JEREMY-ASA# show ver
Cisco Adaptive Security Appliance Software Version 8.2(1) Device Manager Version 7.1(1)52
JEREMY-ASA# show run asdm
asdm image disk0:/asdm-711-52.bin
no asdm history enable
[Code]...
Recently I hired some people to set up a security camera network in my office. They gave me an ip to connect to. I've been trying to connect to it through internet explorer, but when i type it and click go, it says:"Some content or files on this webpage require a program that you don't have installed"
View 3 Replies View RelatedI forgot my wifi password, and my wife just received a new printer and laptop from her employer and I need to have wifi access for her. how do i find my wifi password
View 1 Replies View RelatedI went through all discussions regarding how to block access to some web sites. And I was trying to implement them but it didn't work. I've used 887G-3G-K9 router and UC540, and I'm not sure if it's possible to do that on them or I need to get a license for that or to buy ASA. How can I check that URL blocking is available feature on those devices?
I've used 2 methods:
1) ACL
2) class-map and policy-map
class-map match-any http
match protocol http url "*facebook.com*"
match protocol http url "*www.facebook.com*"
[Code]....
I have an ASA firewall and I have never configured an FTP server for a large scale network (well large in my opinion). I want to ensure we have the highest level of security available for the FTP and to limit only the specific users designated by an ACL. Would SFTP be the best available option for security measures? Should I only use Passive FTP and what range of ports above 1023 should I open for only 1 or 2 FTP clients at a time? Also if I use Passive mode do I need to use protocol inspection for FTP?Also, Currently I'm unsure of what files need to be accessed on our network but should the SFTP Server always only be installed within the DMZ?
View 4 Replies View RelatedWe have NAC 4.0.5 and windows active directory domain the clients log on to the client to access the network with their domain credentials and they used to get the "Certificate is issued from an untrusted." until I installed the url.. certificate to the local certificate store.
I seem to have done something on the NAC manager that messed up something, cause now the client considers the certificate issued from a trusted source, BUT a warning stating that the name on the certificate does not match the name.
i configurated Ipsec vpn at asa 5510.
my inside ip 192.168.10.156
my public ip: 85.x.x.x
my peer ip : 62.x.x.x
the project is that:the remote site want the interesting traffic like that:
source ip 172.16.1.104 can access destination ip 10.0.154.27
my inside ip is 192.168.10.0/0 and i can not to change it 172.16.1.0/24 and i can not to add this ip at my network.i do that way but i can not test it.
interface Ethernet0/0
nameif outside
security-level 0
ip address 85.x.x.x.106 255.255.255.248 standby 85.132.71.107
!
[code]....
We have configured site to site VPN tunnel from offshore to client location using ASA5510 and accessing RDP from client location. Also configured remote VPN access at offshore location. But using remote VPN client we are able to get RDP from officeshore location but not able to access RDP from client location. Is there any additional changes required ?
View 4 Replies View Relatedgetting the iPad to work with Clean Access? Currently running v4.7.2 NAC.
View 6 Replies View Relatedcan't forward port 80 and 9000 from my Qsee Dvr on my linksys router. Model Bfsr41 firmware ver 1.05.03. I want to be able to access my security cameras remotely.
View 1 Replies View RelatedI am trying to figure out how to give computers that connect to my LAN limited access. I have heard that some viruses, though rare, may travel through the network and infect all computers on the network. I want to prevent this. Is there any way to give computers connected to my network strict access to only the internet to prevent viruses or any other harmful attacks?
View 1 Replies View Relatedi have a problem with some sites! i cant access to them ! some sites are hotmail, this one, and many other! the msg that i see every time is : There is a problem with this website's security certificate. The security certificate presented by this website has expired or is not yet valid.
[code]...
I've created a hostname & account with [url].... for my vpn setup.It was working fine until 2 days back. owa was accesible and configured MS Exchange on iPhones.
Suddenly it stopped working.The updation of IP from ISP is happening @ chnageip.com site, but when we ping the hostname, it is not resolving to new ip and is not pinging.Our users outside the coporate's internal network is unable to access.
Need security key to access laptop from wireless router. Cannot remember original username or password.
View 1 Replies View RelatedI configured a dynamic vpn(easy vpn) in a cisco isr. But the vpn clients cannot access any of the lan devices. VPN pool is 10.0.0.1- 10.0.0.20 & internal netwrk add is 172.17.x.x. I tried to disable zone based firewall but no resultout[CODE]
View 1 Replies View Relatedi have access point but no security code where do i find this?
View 1 Replies View RelatedHow can I block and make sure no one has remote access to my computer
View 1 Replies View RelatedI have a desktop pc and bought the DIR-601 so I could use my IPod touch. Everything works good but I think one or two other people ,possibly neighbors are using my wifi. Today I used my iPod and checked under general settings and noticed a wireless name I did not set up but then it disappeared. Also on dlink account online a few months back I was trying to do something with account, security and noticed one or two connections I didn't set up. What are the steps securing router,wifi so others cannot access or use ?
View 1 Replies View RelatedI have configured and tested an ASA-5505 that will be deployed at a customer's home. The ISP cable modem will connect to the E0 (outside) interface of the ASA. All other interfaces on the ASA are configured for the inside network 192.168.5.0/24. I have created a VPN site-to-site tunnel between this ASA and the UC540 to allow 192.168.5.0/24 subnet access to the internal networks on the UC540.
The user has requested that all the network devices used by the rest of the family will only need to connect to the Internet. They will not need access to the VPN tunnel and they will not need access to the computers on the 192.168.5.0/24 inside network. I was planning on performing the following tasks to get this to work.
I was unable to access my ASA 5520 using HTTP/HTTPS even on the management interface. I had upgrade the ASA IOS to asa832-k8.bin and ASDM to asdm-634-53.bin. But, the issue still the same.
My browser show the error message as attach image.
PGA-Firewall-02# sh run: Saved:ASA Version 8.3(2)!hostname PGA-Firewall-02enable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface GigabitEthernet0/0 nameif public security-level 0 ip
[Code]....
setup CE500-24TT switch Port FE2 router / ports FE1,3-24 desktop / Ports GE1-2 Switch ports - MAC filtering is NOT enabled
FE1 - Cisco PIX501
FE2-24 Desktops/Printers
G1 - Empty
G2 - 8 port Gig Switch
8 Port G Switch = SBS2008 / Win2003 with Citrix / Win2K8 Management Server - plus a couple of desktops for Gig to server accessIs it possible to configure a PIX 501 to allow internet access for a Cisco VPN Client 4.8 without Split tunneling.The idea would be to have all raffic traverse the tunnel, be routed out the local WAN link on the PIX and then have the reply be forwarded back to the client over the IPSec tunnel.
I installed Comodo Firewall today, and I couldn't access my Internet from then. I actually liked it's UI and all and want to keep it. The only something that I felt that might be causing the problem is "Use Comodo Secure DNS Server"? Is it likely the reason to be the cause of the problem?
View 1 Replies View RelatedI'm having some problems with a sonicwall pro2040. The problem is this: I can access the sonicwall remotely, and I can ssh into the sonicwall and ping various websites, and get replies, but my connected PCs (Connected by the LAN port) have no internet access. I have never set up a sonicwall before this one, and I feel like there is something I may be missing. Do Sonicwall devices block WAN access by default? Do I need to configure the default route?
View 6 Replies View RelatedI am running a Kodak all in one printer through a Billion 7800n router. The desktop computer running Vista is hard wired and the portable running Windows 7 is wireless to the router. The Printer is hard wired to the Billion router. Where are running Norton 360 on both computers. Everything was running fine until two weeks ago and we get the error that the firewall is stopping access from both computers. I have tried turning off Norton but no effect so I assume it has something to do with the firewall on the Billion 7800n router? Why stop now after several weeks of working fine after setup?
View 8 Replies View RelatedI have access to free wireless service but it requires a security key? How do I get this key?
View 3 Replies View RelatedIs it possible to restrict the Remote Access VPN to ASA based on the Source Public IP , if so how ? here I am not talking about the VPN-Filter under group-policy . I Want to restrict the access from specified source IP (Public IP)
View 1 Replies View RelatedVerifying the operation of the ASA when configured with Global access rules. Does the global rule overide the interface security levels? According to the ASA order of operations, the interface specific rule get's processed first and then the global rules, but It does not say anything about interface security levels. Observing an ASA in production that has global rules configured I see that an interface with a security level of 50 that has no rules applied to it, passing traffic to the outside interface (security level 0) drops the traffic. Syslog shows that it hits the global access rule implicit deny. Does the implicit permit any to any less secure interface not apply?
View 7 Replies View RelatedWe have 6 brnaches configured with NAC Module in Cisco 2821 ISR router. The WAN link being used to connect all the branch to the HQ CAM is via WIMEX wireless Broadband. The bandwidth is 2MB.OOBVG is the mode used. All branches were working well last 1 year. Last month it is suddently disconnected from the CAM.I opened the TAC. Cisco history of TAC experience, We have total 6 TAC enginners tried one by one still the problem not resolved. The following are the findings
1. Timing is accurate between CAS-CAM
2. Shared secret key correct
3. SSL temp certificate ok also image being used it 4.6.1.
4.Tcpdump from both CAM and shows some initial packet drops of 10 sec with the below CAM log
I believe that NAC is not a matured products and the problem like this even by Cisco TAC can not solve.