Home Network :: Upgrading - Will It Need Firewall
Oct 8, 2011
I am upgrading my home network, I am running cat 5 cables all around my house. currently I have a comcast cable modem and a netgear router. I will have about 20 cables coming in to my office (all the network equipment is already there) I know I will need a switch but I am not sure what kind. I will be upgrading my wireless router to a much better one, should I have the router get its internet connection from the switch or have the switch get the connection from the router. Will I need a firewall? I also have a web and ftp server running behind the router? how should I connect my server?
View 4 Replies
ADVERTISEMENT
Mar 22, 2013
I was using Remote Desktop between two home computers hard wired through the router and a switch. Now after upgrading to firmware 1.35 I can't get remote desktop to connect. I get an error that I may not have permission, etc. I have the DIR 655 ver A and am running Windows 7 professional on both computers.
View 5 Replies
View Related
Sep 16, 2012
I am redoing my homes networking and I am looking for a firewall. I heard that you can install clear os on a server and use it as a firewall and a dhcp server. So i was going to install it on a rack in my server cabinet. does the server need to have a wan port and a lan port? Or how does the server get connected? So, so far its the cable modem into the clear os firewall and then into my switch. Is is possible to use the clear os server as the dhcp server for the whole house? From the switch I am going to connect the rest of my servers, and the rest of the house. I was going to connect two wireless routers for my house. Would that work with the clear os server?
View 2 Replies
View Related
Sep 4, 2012
I've been trying to configure a cisco ASA 5505 for my home network but I'm not having much joy with it. I've looked at countless guides, tutorials and followed the ASA setup wizard in ASDM. The Cisco 1841 is running sub-interfaces for my VLAN's.
View 4 Replies
View Related
Oct 28, 2011
I would like to setup a small home network with an ASA firewall and an 871 router for testing purpose so I can get familar with the ASA commands and concepts. Is there sample config I can be pointed to?
View 2 Replies
View Related
Feb 24, 2013
I have a Time Warner Cable business class service with no static IP, with a wireless modem which is plugged to a CAT5 distribution panel. On the jacks (2 other rooms on the house) I have a Linksys E3000 and a Linksys Valet router for signal boost and gadgets usage (TV, cameras, etc).The main router (TWC) has it's own external IP which TWC assigns to me and internally distributes via DHCP the range 192.168.0.x. With that said:
- The E3000 has a 192.168.0.6 IP -- this is fixed setup on the TWC router (ubee brand) by MAC address
- The Valet has a 192.168.0.7 IP -- this is fixed setup on the TWC router (ubee brand) by MAC address
- The main router has the 192.168.0.1 as the gateway and web-interface
Whenever I connect something to the E3000, it is distributing the 192.168.1.x range and the valet 192.168.2.x range.That works perfectly for my home based business until I decided to use more stuff on the network such as a IP printer, IP cameras, etc.
- The IP cameras are connected to the E3000 due to signal strength and I have manually assigned them the 192.168.1.15 and 192.168.1.16 IPs and ports 9001 and 9002.
- The printer is connected to the E3000 and I have manually assigned the IP 192.168.1.30.
Issue 1: Port forwarding On the main router (TWC - UBEE) I have tried to setup a port forwarding by informing the Local IP as 192.168.0.6 (E3000 IP), Internal Port 0, Public Interface IP (0.0.0.0), Ext Start Port 9001, Ext End Port 9001, Protocol - Both, Enabled Yes. On the E3000 I did the same config (screen shot attached e3000.png).This is not working properly. I can't get into the camera.
Issue 2: Printer/ The printer is only accessible if I connect to the E3000 (because it is on the 192.168.1.x network)
Issue 3: How to configure all the devices on the same subnet? If I want everyone to be on the 192.168.0.x network, how to configure properly the E3000 and the Valet? I have tried to force them into the same network but it would not work properly. It would not get an IP from the UBEE router (main).
View 5 Replies
View Related
Feb 25, 2013
I have been asked to install a ASA5505 on a home network. The home network has a home broadband connection which the ISP provider supplies with an IP address. This is only for 6 weeks until the new line comes in. I know this is going to cause problems but we have no choice but to impletment this.
My questions are below.
1, We have a home hub supplied by the ISP which is configured by an IP address which is NOT static. Can we not use the ASA 5505 instead. I know that if our ISP change the IP address we have to change the IP address on the 5505.
2, Will we be able to use the home network broadband to create a secure connection?
View 1 Replies
View Related
Aug 2, 2012
I have a home network using a 2600 and PIX515E, and unfortunetly I don't know how to set up ACLs. I read a few Cisco documentation but unfortunetly I am unable to grasp the concept of how to define them. Would anyone be able to give me a crash course on setting up ACLs?
View 3 Replies
View Related
Mar 12, 2013
We are in the middle of upgrading from two PIX's to some new ASA5512X's. To give you some background on the situation we are upgrading these since the PIXs are fairly old. We had one extra that we had to use since one PIX has failed already. The guy that implemented the PIXs orginally was learning how to do so as he went so there is alot of needless config in the PIX, atleast from what I can tell. Another guy that works with me has done some configuration on the new ASAs and has done the majority of it so far. Today we went to install the new ASAs and switch everything over hoping it would work, but that didn't happen. It seems that there is something wrong with our NAT and ACLs somewhere along the lines. The way our network is laid out is that we have two school campus with a site-to-site VPN one is 172.17.0.0/16 and the other is 172.18.0.0/16. We also have a remote-access VPN on both ASA's. When we connected the new ASAs up and brought up the interfaces, nothing on the inside could ping the internet nor the other side. The VPN showed active on the ASA's and each ASA could ping the others outside interface, but that was it. I have posted the configs below.
ASA1:
: Saved
: Written by enable_15 at 04:26:18.240 CDT Tue Mar 12 2013
!
ASA Version 8.6(1)2
[Code].....
View 5 Replies
View Related
Sep 20, 2011
I are currently implementing a new patching schedule (when I say new i mean a company first!!!) and I have identified that the firewalls are all running 8.2(2). I would like to bring these up to the latest version but am a little worried about impact!!! I have setup a test firewall with the config from our live asa's and run the upgrade but have received multiple lines.
View 9 Replies
View Related
Jun 24, 2012
We are working for a client move from PIX 525 to ASA 5585-X, SSP10. This is a production environment and very critical migration. What are the gotchas which we should be aware off?
View 1 Replies
View Related
May 15, 2012
I need ot upgrade a Cisco PIX 515 E to A Cisco ASA (not sure what type and modle yet!). the PIX currently has about 80 lines of ACLs and no VPNs. So only inside and outside interfaces and 80 lines of ACLs to be transferred over to the ASA.I was wondering if the ACLs can be transferred over to ASA as is?is there anything that I need ot watch for?
View 1 Replies
View Related
Jun 26, 2011
I wanna upgrade FWSM Version 3.1(11) to latest 4.x version is this possible or i have to upgrade first to 3.2 and then to 4.x?
Is there any changes in configuration commands that i need to know? The version that 6500 running is s72033-advipservicesk9_wan-mz.122-18.SXF14.bin,an upgrade to 6500 is needed also?And if so what ios version will i put?Also which is the asdm supported version?
View 3 Replies
View Related
Feb 26, 2011
We have 2 ASA 5520's working in active/standby mode and both have the IPS module installed then 2 firewalls have also been upgraded to have 2GB of memory.
I have been asked if it is worth upgrading to 8.4 from 8.2. There is nothing wrong with our current firmware and if it isn't broken then why change strings to mind, but I also dont wnat to be left behind.
I've upgraded the firmware on the ASA's before, but they have been pretty simple. I do the standby ASA first and wait for it to come up, then do the other. However I think 8.3 and 8.4 are big jumps and have issues with NAT (we have a lot of NAT's and NAT exempts). I have had a quick read of 8.4's document, but has actually upgraded from 8.2 to 8.4?
View 8 Replies
View Related
Apr 25, 2012
I'm in the process of upgrading our ASA 5520's from 8.2 to 8.4. I have sufficient memory installed and have read many posts in this forum on different upgrade strategies. I have an active/standy configuration and have settled on upgrading the standy unit from 8.2 to 8.3 then to 8.4, fixing any errors, testing traffic and then upgrading the primary unit to the latest rev. I've read where active/standy mismatching is supported but for a short period. My question is how long will I be able to run two boxes with different software? Unfortunately I don't have the option of doing this off line in a lab.
View 1 Replies
View Related
May 1, 2012
I have recently come upon a ticket that requires functionality from a later version of the ASA 5510 IOS Firmware, upon researching how to do this upgrade I got caught in a catch 22 where I am unable to download ASDM or the ASA software.
Apparently I need a service account? I'm looking at Cisco software download page and searching ASDM which then brings up links to two pages which are ASA and ASDM.
View 1 Replies
View Related
Oct 25, 2012
I was trying to upgrade an ASA to from 8.2.4 to 8.4.4, and I began receiving the following migration errors (the IP addresses have been changed to protect the innocent):
ERROR: MIGRATION: The following ACE is partially/not migrated to Real IP, as it could result in more permissive policy. Please manually migrate this ACE. permit esp host 1.1.1.1 host 2.2.2.2
I got a TON of these, in fact the migration, and these errors ran for over 24 hours before I gave up, powercycled the unit and forced 8.2.4 to boot through ROMMON. This was a secondary unit, that's why I let it go this long.
What I don't understand is that we do not have anything in the configuration for ESP.
View 1 Replies
View Related
Jun 29, 2011
I have a ASA5505 with the Sec Plus license on it. This allows 25 VPN peers at any time according to the show version output:
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 25
WebVPN Peers : 2
Dual ISPs : Enabled
VLAN Trunk Ports : 8
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5505 Security Plus license.
1.)As far as I understand this means RA users and peer2peer combined?
2.)I need additional RA clients to be able to connect in at any time, as far as I know there is no way to allow more IPSEC clients then this due to hardware limitations?
3.)If I go for the Anyconnect option (10 users license), does this then mean that I can use the 25 IPSEC VPNs and at the same time have users using the 10 SSL Anyconnect VPNs at the same time?
4.)Which Anyconnect license am I supposed to buy if this is the route I go, the clients will all be connecting from their desktops most of the time?
5.)Is it difficult to set up?
View 4 Replies
View Related
May 15, 2013
official or unofficial (official more preferable) guide about upgrading IOS from 8.2 to 8.4 on ASA 5520 model?
View 1 Replies
View Related
Aug 19, 2012
we are going to upgrade our 5580 ASA Cluster from 7.2 to 8.2 and want to do it like this way ( which worked for all 7.x upgrades ) :download asa8.2 Image to primary + secondary Firewallreboot primary ( message come up " mate version ...)reboot secondary.Does it works any experience? Does it work if both firewall can see each other during the boot process ?
Do I have to bring the secondary into the monitor mode so the fw is not visible for the primary ?
View 2 Replies
View Related
Dec 12, 2011
I've got a used WS-SVC-FWM-1-K9 on the way and I'd like to standardize it to the Firewall Module Software Version 4.0. I'm not positive if the current software on it is newer or older than Version 4.0. Is this possible to perform or is the Software as is on these modules?
View 2 Replies
View Related
Dec 9, 2011
I have to be missing something small in my config. If I upgrade my ASA 5510 which I am routing and Na Ting off of, from 8.4.1 to 8.4.2.8, SIP stops. All phones go dead.
If I roll back to 8.4.1, SIP comes up.,... Go back to 8.4(2)8 and SIP goes down.....
This is without making any config changes. I have looked at it so long, I must be overlooking something simple.
View 9 Replies
View Related
Oct 8, 2012
One of our clients has recently purchased upgrade licenses for their cisco asa as follows
L-ASA5505-10-50=
and
L-ASA5505-SEC-PL=
after retrieving the activation key from the cisco website we tried entering the activation key to the asa both via ASDM and telnet when entering the command on telnet the shell becomes unresponsive when entering the command on ASDM we receive a "success" message followed by a request to restart ASDM and save the configuration after a minute or so i get an error screen saying "write mem" the asdm restarts and nothing changes.
View 4 Replies
View Related
Aug 17, 2011
I am looking at upgrading an HA pair of ASA5520's from 8.2(2) to 8.3(1), and am just wondering why the huge upgrade in memory is needed. How are Cisco justifying where the additional memory is going to? Are there supposed to be some massive improvements in performance?
View 2 Replies
View Related
Nov 7, 2012
Since we upgraded our ASA from 8.3 to 8.4(4), VPN users cannot access resources. This worked fine until the appliances were upgraded. We get the message:
[code]....
View 2 Replies
View Related
Sep 13, 2011
This is the situation I got to firewalls with failover and I need to upgrade the license so I can get more context (right now I have 5 context and I need 10) so I was looking at the procedure and I'm not sure If I need to restart the device or not. I was looking at this procedure:
Upgrading the License for a Failover using ASDM (No Reload Required) Use the following procedure using ASDM if your new license does not require you to reload. This procedure ensures that there is no downtime.
•1. On the active unit, choose Configuration > Device Management > High Availability > Failover > Setup, and uncheck the Enable Failover check box. Now click Apply. The standby unit remains in a pseudo-standby state. Deactivating failover on the active unit prevents the standby unit from attempting to become active during the period when the licenses do not match. •
2. Choose Configuration > Device Management > Licensing > Activation Key, and enter the new activation key that you obtained with the active unit serial number. Now click Update Activation Key.•
3. Log into the standby unit by double-clicking its address in the Device List. If the device is not in the Device List, click Add to add the device. You might be prompted for credentials to log in.
4. Choose Configuration > Device Management > Licensing > Activation Key, and enter the new activation key that you obtained with the standby unit serial number. Now click Update Activation Key.
5. Log into the active unit again by double-clicking its address in the Device List. Choose Configuration > Device Management > High Availability > Failover > Setup, and re-check the Enable Failover check box.
6. Click Apply. This completes the procedure.link: [URL]
But then I checked on the cisco web page that there are some license that need to reload I see this:
All models
#Downgrading any license (for example, going from 10 contexts to 2 contexts).#Note If a temporary license expires, and the permanent license is a downgrade, then you do not need to immediately reload the security appliance; the next time you reload, the permanent license is restored.
[URL]
So I just want to know if I'm UPGRADING from 5 to 10 context the reload applies to my situation or not?
View 1 Replies
View Related
Jul 19, 2011
Is blocking echo request to prevent ping sweep the same as having a firewall in stealth mode? And how could someone ping sweep from outside if you had a firewall at all?
View 3 Replies
View Related
Oct 20, 2011
Here's the layout: Cable modem in the basement. Several devices in which I'd prefer a wired connection in the basement. Upstairs on the 1st and 2nd floor of the house are many devices in which wifi is fine or preferred.Here's the problem: As you might guess, wifi is weak upstairs and certainly on the patio and 2nd floor. I have an access point upstairs that I've experimented with but it is flaky.
View 1 Replies
View Related
Nov 10, 2011
How to install a wireless network in home environment?
View 6 Replies
View Related
Jan 14, 2012
I am a new student in networking, taking the CCNA courses, and now want to rewire my home. I currently have a cable modem and E2500 setup running my network. I want to get the modem and router out of my computer room and in the basement where the cable enters the house. I want to do this to clean up the computer room wiring a bit and to run line drops to different rooms in the house where the internet will be utilized.Currently there are two PC's, a laptop, a tablet, sometimes a phone, and an XBOX using the internet. I want to get my printer back up and running on the network but thats another story. Only one PC is currently hardwired. I would like to run two cables into the room with the PC and XBOX that are currently using wireless, at least two into the computer room for the PC and network printer, and one or two into the living room for the blue ray player and possibly an internet tv.
View 1 Replies
View Related
Sep 10, 2011
I have a D-Link DGL-4500 router and my landlord recently ungraded our internet connection. However, now I get this error message when I try to hook it up to the ethernet hub,"The addressing of the Internet side learnt thru DHCP conflicts with the addressing selected for the LAN side. Internet communications will be disabled until you have changed the LAN side addressing to resolve the problem."
View 3 Replies
View Related
Jul 2, 2012
After upgrading an ASA5520 from 8.4(1) to 8.4(4.1) I ran into the following trouble:
Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:192.168.149.21/53 dst inside:192.168.37.123/53 [code].....
All the subnets mentioned above are connected via VPN.
View 6 Replies
View Related
Aug 14, 2012
[code] I would like to the ASA5510 Base license upgrade to Security Plus license. But after the upgrade is still the license of the Base.I think I was wrong option selected in the process of upgrading, how should I do to be successful upgrade
View 2 Replies
View Related
