Cisco Security

Hi all I'm trying to implement a GoDaddy Wildcard (*. mydomain.mytld) cert for a number of clubs, among which there is our ASA. I put away the old certs and did some housekeeping on their trustpoints, etc., with the result pretty much own config. (I'

Hello I need to know the requirements of VSM 6.3.2 upgrade to 7.0.1 VSM. I need the following clarifications: 1. license model (Do the customer must pay for this upgrade) Upgrade option 2 (we can directly improve or does it first make another version

Hello I am a newbie to network and you have a question about FWSM (Version 3.2 (7)).  Is it the FWSM by default drops in double package SYN TCP 3-way handshake?  Traffic is between the internal and external interface. Thank you Network Newbie

Hello We have a pair of 5510 s and a pair of 5520 s, each active mode / standby.  I would like to upgrade the ASDM and ASA software on these, but can't find any documentation that advise on how this can be done without physical access to devices.  Th

We configure the user accounts on the local ASA 5510.  Is it possible for the user to set up accounts so that users can change the password after the first login? Thank you. Laura

Is it possible to have a different public IP (i.e. 66.102.7.000) address to telnet and SSH for the ASA 5510 remotely?  If it is possible, how you would install the telnet and SSH?  The config is attached.  Thank you. Laura

I'm still learning and I hope it's a good place to ask questions. I take the ICND2 in 4 days and I'm more than ready for this. Right now I play with VPN and just wanted to know if that would work. I have the following network... ISP > 2621XM FA0/0 FA

My VPN ends very well, but cannot access the local network. The warning is the LAN is a public good 24 subnet.  I'm not sure how to NAT the LAN to access the VPN subnet and not to disturb any other functionality.  I have attached the configuration. T

I currently have tunnels VPN site-to-site of two remote sites with 1720s to connect to an ASA5510 on my site TOWN_HALL. (see attached diagram) It works well, but I want to add connectivity between the 1720-A LAN (172.20.3.0/24) and LAN 1720 - B (172.

There's a possible two-way NATs based on strategies? I can find plenty of examples to manage a simple two-way NAT but the Cisco documentation I've read indicates that based on local addresses only translated strategies. However, I have read conflicti

Hi all I intend to implement SSL VPN on ASA 8.2.1. For example, I create the DAP following 2 files to assign different access rights. Policy name: sales DAP ldap.memberOf = sales Action: continue Policy name: engineering DAP ldap.memberOf = genius Ac

Is it possible the CLI to interesting to implement traffic source or otherwise test a VPN strategy?

Current situation: Scenario is remote to the main office. Site IPSEC tunnel site (netscreen) remote in hand (506th pix). Cisco VPN Client of main office of remote access to users. It's that everything works perfectly. Problem: Now we want remote user

Hi Sir, I'm setting up a ASA to end remote access VPN. ASA version is 7.2 (1) 24. Client VPN version is 4.6.04. I want all the ASA except that user traffic to destination network 10.200.75.0/24-tunnel. My config as follows: ! ACL_SPLIT_TUN list stand

Hi all This is my first post here, and I hope not to violate the rules of the forum. I have a problem with ipsec (actually it's my first "date" with Cisco crypto tools). Here's the situation: I got 2 cisco routers (1751) with IOS c1700-advsecurityk9

Hello I have the router Cisco 876 (with 12.4 (4) T2 IOS) and Cisco VPN client worm. 4.6.02). I am trying to configure my router as a VPN concentrator for 2 groups, but the implementation of tunnel fails already with the negotiation of parameters. Ple

Hello I have a vpn site-to site to remote access configured on the pix device. Everything works like a charm until I decide to perform authentication of the local client for remote vpn clients using the same card encryption from site to site. Thus, t

Hello for Concentrators VPN load-balancing, a similar configuration must be to both devices. The master of the cluster config VPN concentrator push. for other members of the cluster, or must be manually? Thanks in advance

WHEN THE ISAKMP NEGOTIATION BEGINS IN IKE, SEARCH ISAKMP MAIN MODE IDENTICAL ON BOTH PEERS ISAKMP POLICY. PLEASE INFORM PEERS ARE RESPONCIPLE FOR MATCHING POLICIES?

Hello We have 30 sites wan that we have configured for ipsec. the configuration is the same with 3des-sha-pfs2-isakmp. We met an unknown problem.after, allowing some of the Tunnels, we have discovered that the work one and the rest are disconnected.