FMC – AMP Malware Inspection
KB ID 0001159 Problem If you take a look in your SourceFire dashboard, and there is no data shown on the malware threat section like so; Solution The message is pretty descriptive, and it’s telling you exactly what you need to do. Now I’m making the assumption that you have added a valid AMP / Malware licence like so; Policies > Access Control > Edit your access control policy > Then Edit the file policy. Add in...
Cisco ASA Disable ESMTP Inspection
Telnet to Exchange on Port 25 shows a row of Asterisks? KB ID 0000536 Problem Yesterday my colleague Ben called me over to the help-desk and asked “Have you ever seen this before?” This was what was on his screen. 220 *************************************************** Solution Usually when you Telnet to an Exchange server it gives you a 220 message followed by the “Banner” of the Exchange server, a little...
Mail Routing Issue ‘451 5.7.3 Cannot achieve Exchange Server authentication’
KB ID 0000791 Problem While putting in a New Exchange 2010 server today, I test moved a mailbox to this new site, and could not get mail to flow to the Exchange 2010 server at the clients main site. 451 4.4.0 Primary target IP address responded with: “451 5.7.3 Cannot achieve Exchange Server authentication.” Attempted failover to alternate host , but that did not succeed. Either there are no alternative hosts, or delivery...
Cisco CSC Module – Stop it scanning its own update traffic
KB ID 0000156 Problem The CSC module when it’s installed in your firewall and running, by default scans all traffic in and out including all its own updates and web traffic, this can cause quite a performance hit, to stop this happening exempt the CSC modules traffic from being scanned. NOTE: your access-lists and port groups may well have different names, so I’ll list all the commands to chase them though the...
Cisco ASA – ‘Prove it’s Not The Firewall!’
KB ID 0001049 Problem Yeah, it’s funny because it’s true! The article title might not sound like the most professional approach, but when the ‘Well it’s not working now’ finger gets pointed at the ‘firewall guy/girl’, they need to ascertain two things; 1. Is the problem actually the firewall, if not then help the frustrated party track down the actual problem. 2. If your problem IS the...