in ASA,i have enter SSH command :crypto key generate rsa modulus 1024aaa authentication ssh console LOCALssh 172.32.254.0 255.255.255.0 managementssh version 2ssh key-exchange group dh-group1-sha1Yesterday when i configed,i can logined from SSH。and w...
论坛帖子
Packet Tracer中是否支持防火墙透明模式的部署,希望能快速得到答复
hello :we are using the anyconnect secure mobility 4.5 while the server is asa5515,it will be upgraded to FRP-ASA-1120.Considering different client software products,My question is if the secure mobility 4.5 can be upgraded to secure client 5.0 autom...
We are going to upgrade the ASA5515 to FPR-ASA-1120,i am confused about the difference between FPR-NGFW-1120 and FPR-ASA-1120,i want konw how to choose the model according to the specific request.my current request is ssl-vpn function,so i think it i...
请教各位大神,我有两台FTD1150设备,版本是7.0,使用FDM进行管理,开通了HA,现在我使用ISE 3.2 做为radius服务器,FDM添加radisu服务器去访问ISE,目前有个问题是无论怎么设置,FTD都是使用管理端口去访问ISE,我想通过inside或者outside接口去访问,好像修改不能,在FDM设置radius服务器那里有个可选项 Interface used to connect to Radius server 设置这个好像是可以用其他端口是访问ise的,但是设置后还是...
ise2.7升级3.3,因3.3需要重新部署2.7的配置能入导入到3.3如果可以步骤如何导入导出
Hi friends, I have a FPR-3110 with single power. It was very noisy in my demo lab. I tried to change the fan speed and found only two options and got an error. /////////////////////////////// Demo-dfffsdfDCCCC(local-mgmt)# config fan-speedEnter a 1 t...
About these two modes inline and inline tapWhich one is more suitable? 1or2I referred to this article and the description is 1, which is more suitable.https://rayka-co.com/lesson/cisco-firepower-deployment-modes/1. Inline tap mode can send a copy of ...
请教各位大神,我这边两台ASA5516-X部署HA模式,Firepower模块通过FMC进行管控,现在出现个问题,策略下发失败,显示是通信超时,我在Firepower模块里通过show managers命令查看状态是正常的,相互能ping通,两者IP都在同一个网段,对于这个问题有什么排查思路吗?可能是什么原因造成的?
目前ftd有这个bug,导致在下发配置时deployment failed。 我该如何解决呢? bug文档中给的解决方案,有谁测试过吗? 能否针对解决方案具体描述下过程(因为我测试重新分配flexconfig好像还是异常)。The FTD have this bug, deployment when it issued the configuration failed. How do I solve? Bug solution given in the document, who tes...
ISE2.7如何加载商用SSL证书(阿里云中申请了一个证书,ISE传上去报告不能传马?)
Steps13005 Received TACACS+ Authorization Request - administrator15049 Evaluating Policy Group - dotcomlab.net15008 Evaluating Service Selection Policy - administrator15048 Queried PIP - dotcomlab.net15041 Evaluating Identity Policy - administrator15...
有个问题想请教大家一下, 我这边有台firepower上面配置了anyconnect vpn,碰到一个奇怪的问题,vpn连接以后能够正常获取到ip地址,但是却无法访问内网任何应用,检查防火墙策略,都是放行的,后面我在FMC上查找该ip的活动会话,发现这个地址是灰色的,不知道大家有没有碰到过这种问题,有什么处理建议吗?不胜感激!
1:做简单的账户登入认证,是否需要用到厂家的radius私有属性2:这些私有属性是否有模板可以导入ise中3:提供下配置建议和思路 谢谢
已解决! ise2.7 命令行无法更改时区
ise/admin(config)# clock timezone GMT+8Setting the timezone via CLI is not supported.ise/admin(config)#
