i'am using csm 4.1 and i have configured the keep audit log for 30 days and the entries becomes older than the number of days specified in the keep audit log without deleting, i don't understand why this happend and how can i make shur that the purge is done.
if the purge is automaticaly or i have to delete the oldest entries by my self.
i'am using csm 4.1 and i have configured the keep audit log for 30 days and the entries becomes older than the number of days specified in the keep audit log without deleting, i don't understand why this happend and how can i make shur that the purge is done. if the purge is automaticaly or i have to delete the oldest entries by my self.
View 3 Replies View RelatedSave and reset button is not working on Sys log Purge Settings page (Admin > Network > Purge Settings > Sys log Purge Settings) when Email: field is not empty. An Reset button is not working at all.This is the Cisco Prime LMS 4.2.1.
Is it only my LMS server or you all have this bug?
we use an asa5520 like vpn termination point, asa uses acs5.3 for authentication purpose, and all seems to work properly,but acs5.3 doesn't purge user sessions when vpns terminate; I can see many user "logged-in" into menu System Administration --> Users --> Purge User Sessions; this is a problem, because we have configured max session per user how can avoid this problem? is there any new configuration to implement into asa?
we need to configure max session per user, but there is only a global option applyed to all users.how can we configure user accounting? we need to know how long a user is connected via vpn session.
I'm unable to maintain a connection with an FTP host outside my network through my Cisco 871W Wireless/Wired router. I am able to establish a connection with the external FTP server, but when I attempt to transmit files I get repeated disconnections and failures.
The software running on the device is IOS C870-ADVSECURITYK9-M, Version 12.3(8)YI2 RELEASE SOFTWARE (fc1)
Synched to technology version 12.3(10.3)T2
System Bootstrap Version 12.3(8r)YI
I know it has to be somewhere in the configuration, but SDM no longer operates and I'm not entirely familiar with the IOS command set. When I remove the Cisco device and plug my computer directly into my ISP network, I am able to send files via FTP with no problems.
My AV often reports my windows 7 ultimate 64 service files, such as winmon.exe or or service.exe requesting opened TCP connections along with a number of .DLL filkes, and then times they are flagged as heuristic behavior modification, however i know many of those are undeletable, due to windows security replacing them as soon as they are noticed to be missing and in another thread it was also indicated that these must be deleted from three places at once almost to actually prevent those from being instantly replaced, this explains maybe why i get this repeatedly immediately after boot up, but after five or some times it slows down to now and then.still quite a hassle to stop on start up.
View 2 Replies View RelatedI configured the logging parameters on my Cisco asr 1000 , but nothing was sent to my terminal monitor
logging on
logging buffered debugging
logging buffered 5
[Code].....
We have LMS 4.2 installed and added devices;Now if for example a device is not reachable we get two messages with same failure ;only the component name is different
- one event with "dns" in component name
- one with "dns(ip)" in component name
dns == hostname
I've got a a customer that is using a single sign on product that uses agents installed on the customer's domain controllers. This works fine accept for one scenario. When the customer transitions from a wired to wireless connection or vice versa. We have determined the reason for this is that the DCs are not getting Windows logon events ie 540 on 2003 servers or 4624 on 2008+. The users have files shares mapped onto member servers but refreshing those is not hitting the DCs.
Any way to ensure hitting a domain resource generates a logon event on a DC without directly mapping a resource on a DC. If it matters there are 50 domain controllers and around 200 member servers spread all over 48 states.
How do you monitor ASA firewall fail over events?
We had a firewall fail over, didn't know it, the configs were out of sync and the customer went down we want to avoid this is the future.
I read in the Cisco IOS ASA documentation (8.x) that some group-policy attribues are only available for soft-VPN clients while some are available for both soft-VPN clients and L2L VPN clients. Cisco didn't clearly specify which attributes were available for which clients.
To aid me in troubleshooting my L2L VPN setup could someone indicate if the order of events (listed below) is correct for ASA 5520 with IOS 8.x and if the attributes selected are available for L2L VPN clients?Also, are there "show" commands to reveal more details about tunnel-groups, group-policy, etc. when used with VPNs?
I've just installed LMS 4.2, like it a lot so far. In the Fault Monitor, the Device Name column shows the device's IP address rather than the host name. We need for it to show the host name, for ease of troubleshooting; most folks don't have the IP addresses memorized. Likewise, when an email is sent out for an event, the managed device field also shows up as the device's IP address.
The devices were all discovered with their IP addresses rather than a host name...should LMS have automatically found their host names? Regardless, I manually updated all of the device's host names, yet they still display as an IP address in the fault monitor.
Also, it appears I need to figure out some way to throttle alerts. One particular device will report an event (ie a temperature out of range) dozens of times in a polling period...several per second, even though it's the same alert.
What I want to do is be able to control my PC from my TV screen. I mean I want to be able to stream a live ball game or movie I have on my PC hard drive & see it on my TV. I heard about Roku & thought that is what I wanted or Blueray with DLNA. But Roku just pulls streams from subscriber sites like Netflix & Hulu. DLNA will allow you to view video you have on your HDD but will not let you stream live feeds like watching a live event that is streaming on your PC. Is there any hardware out there that will allow me to have whats on my PC screen on my TV screen via wifi (or other means)?
View 2 Replies View RelatedI faced with strange behavior of Cisco 2901.I strat ospf process on router, do some ospf manipulations and than turn off ospf with
R1(config)#no router ospf 1
But after that when I start to change my config: shut/no shut interfaces I see OSPF debug messages
R1(config-fr-dlci)#interface Serial0/0/0.5 point-to-point
R1(config-subif)#sh
R1(config-subif)#
Jul 5 12:33:13.004: OSPF EVENT Se0/0/0.5: Route adjust
R1(config-subif)#
R1(config-subif)#
R1#sh
Jul 5 12:34:15.076: %SYS-5-CONFIG_I: Configured from console by consoleip pro
R1#sh ip protocols
*** IP Routing is NSF aware ***
How it can be? Thereis no OPSF process on R1.
I've just taken over a new network with a Cisco ASA5520. Everything is working fine, except I am being bombarded with 106001 alerts from a few internal hosts to one specific internal host. The description in general is "Inbound TCP connection denied from 10.1.0.1 to 10.1.0.5 - both of those are valid internal hosts and the TCP ports are also valid. I tried looking at the log and getting it me to tell me which rule was causing these alerts, but it just came back with 'It's not possible for these type of alerts'
- How is it possible for the ASA to even pick up on this when, in theory, the source host wouldn't be going near the ASA since it's on the same subnet?
- What might be causing this?
- How can I turn it off!! (I guess that'd be fixed by point 2)
I have a Cisco ACS 5.1 virtual appliance which has been working fine, I have however just discovered that it is now unable to provide me with any logs. TACACS authentication is still working without any issues, the only problem I have is viewing the logs.
View 6 Replies View RelatedI am new to Cisco Nexus 7000 Series NX-OS System of appliances. I am looking for type of log events that are getting generated by CISCO Nexus 7000 switches. Some documents which give me this references & some documents which have a log line explained.
View 4 Replies View RelatedI have a server connected to my router with a CAT5. I usually manage the server from my laptop connected to the router via WLAN. I often need to add files to a public folder on the server so it can be dowloaded by my clients when they need them. I can access my personal laptop from the server, but I cannot access the server's files from my laptop. This is recent and used to work fine. I also cannot acces other personal computers on my network that I often connect to
View 11 Replies View RelatedI just got my ea4500. the 50 Mbs from Comcast was killing my old wrt54gl. the thing where cisco connect and access thru the web interface step on each other, or when the web interface does not expose all the settings is annoying. because i didn't want a guest network, i had to go back to Cisco connect. and things did not work well. i ended up re-doing the whole thing, because i did not want a guest network and wanted diff settings for 2.4 and 5 Ghz.and logging after so many years and Linksys still does not include a date/time stamp for the events. logs without date/time are not very useful.
View 6 Replies View RelatedAdd the ability to send syslog events to multiple syslog servers in the SA500 Series routers. I know the functionality is currently in the RV220W because we utilized it. It would be great if you could configure the syslog servers by event type as well. For example, being able to send the kernel events to syslog server A, and all other events to syslog server B.
View 0 Replies View RelatedI'm studying for CCNA Sec exam and looking for any security labs for GNS3 or Packet Tracer.
View 3 Replies View RelatedMy company ordered NAC and ACS 1120 My question is Can i configure 802.1X security through ACS server and NAC in layer 2 Inband Virtual Gateway.for campus switches.Is it the good design to have double security for switch ports. 1st is 802.1X and 2nd is NAC in layer 2 INBAND VG?
View 1 Replies View RelatedASA 5510 security plus edition will it support active/active failover. and does it support context with securiyt plsu edition. and how many default context do we get with asa 5510 security plus edition.
View 3 Replies View RelatedI have a Linksys WRT610N wireless system with WPA-PSK security and this works fine with several computers but now one computer detects the wireless security as WEP and can thus not connect to the router. I have tried to manually connect to the router with correct security WPA-Personal (TKIP) and correct password but then the computer says "settings saved on this computer for the network do not match the requirements of the network".How can I get the computer to detect the correct security? The computer is running Windows 7 home premium.
View 7 Replies View RelatedIs it true that the FCC is investigating the Pogo game site because of poor security? Is Java the cause of this problem?I'm very leery of getting on the Pogo site because I've been told that my computer could get a virus and crash.
View 1 Replies View RelatedI'm new to IT, and have been put in charge of managing our servers hile my boss is on vacation.We currently have a Sonicwall Network Security Appliance that handles our Firewall/VPN and have web content filtering set in place.I have a user who belongs to 2 CFS policy groups that we have set up. I've double checked with Active Directory, and he is a member of both groups.
This person SHOULD have access to Job searches/ and Restaurants,but receives a "content blocked" message on his browser.It appears to me that the settings in Sonicwall are correct, as well with AD member groups.
I am trying to connect to a Security-enabled wireless netowork. I have the key. My problem is that I can't seem to figure out how to enter it. When I try to connect I open the "view available networks"window. I see the network name and it shows a strong signal (all 5 green bars).
View 3 Replies View RelatedI want to install Microsoft Security Essential on my PC, but I am not sure which download I need. One says amd64 and the other is x86. I am using windows xp 32bit.
View 2 Replies View RelatedSome security tools and techniques for wireless LAN??
View 1 Replies View RelatedI was informed by a co-worker that there is a security vulnerability with the local certificate authority in the ASA running 8.3 code. I've looked through the security advisories and haven't been able to find anything about this. Was this just misquote or am I missing the security advisory release?
View 1 Replies View RelatedI have a ASA 5505 that I test with which originally came with the Security Plus license. I recently erased flash and loaded the latest asa841-k8.bin version of IOS along with asdm-642.bin. Everything booted fine and came up as it does when freshly wiped however I noticed that i was now only running a base license. If I issue the sh activiation-key command, I noticed the following messages (full output is at the bottom):
The Running Activation Key is not valid, using default setting
......
This platform has a Base license.
......
Failed to retrieve flash permanent activation key
Did I somehow kill my Security Plus licensing when I did the erase flash? If so how do I recover it?
ciscoasa# sh activation-key
Serial Number: JMXXXXXXHU
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
The Running Activation Key is not valid, using default settings:
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
[code]...
This platform has a Base license.Failed to retrieve flash permanent activation key.The flash permanent activation key is the SAME as the running permanent key.
How can I get the security key password for my iPad?
View 2 Replies View RelatedI have windows xp home and the last few days a security installation has kept trying to install ie: "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242) (update 1 of 1)..."
View 3 Replies View Related