20 Most Recent Cisco ASA 5505 Firewall Questions & Answers


The total sum of the Inside/Outside/ and pool address add up to 5,265. Subtract 10% and multiply by 260 to get the gender aspect of the original formula. Move the Network address to Google and download the residual code offered by the program that appears in the open window. Enter the code in the appropriate space provided and this will solve the problem by late 2015.

Cisco ASA 5505... | Answered on Nov 07, 2019


Use the Cisco ASDM or SDM software, that will give you an easy graphical interface to configure the ASA. One of them would have been shipped with the device.

Don't forget the ASA has to pre-configured, just a simple config. Have HTTPS enabled and telnet/SSH helps as well if you dont have a serial port or the console cable.

Cisco's website will give you quite a lot of info for free...

Cisco ASA 5505... | Answered on Aug 25, 2014


HI,

You shall do the same with MPF. Create a regex filter to identify the types of files you would like to block,

e.g. 1
2
3
4
5 regex archive-type1 ".*\.([Zz][Ii][Pp]'[Tt][Aa][Rr]'[Tt][Gg][Zz]) HTTP/1.[01]"
regex archive-type2 ".*\.([Tt][Aa][Rr].([Gg][Zz]'[Bb][Zz]2)'7[Zz]) HTTP/1.[01]"
regex doc-type1 ".*\.([Dd][Oo][Cc]'[Xx][Ll][Ss]'([Pp]){2}[Tt]) HTTP/1.[01]"
regex doc-type2 ".*\.([Pp][Dd][Ff]'[Oo][Dd][Tt]) HTTP/1.[01]"
regex exe-type1 ".*\.([Ee][Xx][Ee]'[Vv][Bb][Ss]'[Vv][Bb][Aa]) HTTP/1.[01]"
Create regex for Content-Type Application/*

1
2 regex application-header "application/*"
regex content-type "Content-Type"
Classify regex that matches the extension types
class-map type regex match-any ext-types
match regex doc-type1
match regex doc-type2
match regex archive-type2
match regex archive-type1
match regex exe-type1

Capture the http response that contains content-type and application/* header
2
class-map type inspect http match-all http-header-response
match response header regex content-type regex application-header
Capture http request packet that matches the class ext-types
1
2 class-map type inspect http match-all http-request
match request uri regex class ext-types

HTTP is the interesting traffic
1
2
3
4 access-list http-traffic extended permit tcp any any eq www
access-list http-traffic extended permit tcp any any eq 8080
class-map http-traffic-class
match access-list http-traffi

Create policy to prevent download attempt via http request
1
2
3
4
5
6
7 policy-map type inspect http block-http-download
parameters
protocol-violation action drop-connection log
class http-header-response
drop-connection log
class http-request
reset log

Apply policy on the interesting traffic
1
2
3 policy-map inside-http
class http-traffic-class
inspect http block-http-download Apply the policy onto interface to take effect
1 service-policy inside-http interface inside
Hope this would help.

Cisco ASA 5505... | Answered on Mar 17, 2014


Please check the upgrading the software in the below link
LINK

Cisco ASA 5505... | Answered on Mar 01, 2011


HI,


· Please check the whether the security level for DMZ and outside interface, If DMZ is high security level. Please do the NAT configuration
· If it's having the same security level. Please issue the command "same-security-traffic permit inter-interface "in the global config mode.

Cisco ASA 5505... | Answered on Mar 01, 2011


Hi!

Unfortunately, it's not possible with your firewall model...
You will need at least an ASA 5510 with an CSC-SSM module to filter URLs.

You can use an external URL filtering device with that ASA like WebSense/SmartFilter... For more info look here.

In case of a problem or clarification, don't hesitate to post me a reply before rejecting my answer.
If you are satisfied, rate my solution with the "thumbs" or (even better) add a testimonial.

Best regards,
Pelu.

Cisco ASA 5505... | Answered on Feb 04, 2011


Reboot your your device and try again.

Cisco ASA 5505... | Answered on Apr 03, 2010


Remove all Ip details who are belongs to not working ISP.

Cisco ASA 5505... | Answered on Mar 26, 2010


increase your proxy time out or remove the proxy setting from your VPN.

Cisco ASA 5505... | Answered on Mar 26, 2010


1. Please check your printer's IP address and port number is permited in your cisco firwall or not.

Cisco ASA 5505... | Answered on Mar 26, 2010


gostaria de receber o manual de instruçao do aparelho telefonico intelbras id ns ep0811190257

Cisco ASA 5505... | Answered on Mar 17, 2010


Checksum verification has something to do with the communication of this device.

Since you already perform the factory reset, the only thing that I could think of is that the BIOS (internal component) of this device went bad. That BIOS should be reprogram or replace.

Unfortunately, you need to contact the manufacturer and have them repair it for you. Only the manufacturer can repair this.

Thank you!


Cisco ASA 5505... | Answered on Feb 22, 2010


do the name resolution for the website and write a policy to block the traffic from your trusted network to that website ip address. If required i shall write the policy and give it to you, for this i need the following details.

1. Name of the websites
2. Local network range (LAN ip address with SNM)

But this is very hard for you if there is more number of websites, For this you shall integrate a URL filtering software like WebSense, N2H2 etc with your firewall.

Cisco ASA 5505... | Answered on Dec 02, 2009


http://www.netcplus.com/ncfonline_routers.html

Please view the above web link may be it help your issue

Cisco ASA 5505... | Answered on Sep 04, 2009

Not finding what you are looking for?
Cisco ASA 5505 Firewall Logo

28 questions posted

Ask a Question

Usually answered in minutes!

Top Cisco Computers & Internet Experts

Prashant M
Prashant M

Level 3 Expert

2277 Answers

Ekse

Level 3 Expert

13434 Answers

Jeffrey Groves
Jeffrey Groves

Level 3 Expert

573 Answers

Are you a Cisco Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

View Most Popular

ASA Cisco

  • ASA Cisco

Most Popular Question

need help cisco asa 5505 ssl vpn ssl

  • Computers & Internet
Loading...