Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Register for SecureX webinars to learn about our newest integrations and features.

4647
Views
0
Helpful
10
Replies
gvindio
Beginner
Beginner
‎02-04-2021 03:50 PM
‎02-04-2021 03:50 PM

Firewall blocking an address

 

I am trying to set up Call manager CDR records to go to our new cloud call accounting server and keep getting blocked by the firewall and hope you can direct us to the right place to fix this.

 

I see this in Events:

 

9A5459FA-74CF-46EE-B39D-241B76FDCE13.jpeg

And I created this policy rule but it still doesn’t work:

 

44398424-0BE8-4C5B-9EEC-57AF6181143A.jpeg

 

 

 

 

 

 

Labels:
0 Helpful
10 REPLIES 10
Tyson Joachims
Rising star
Rising star
‎02-04-2021 05:10 PM
‎02-04-2021 05:10 PM

I don't see where this packet was blocked. I noticed that you're using the Firepower Device Manager and are looking at events. Have you used the filter "Rule Action=Block" and "initiatior IP=10.1.32.11". This will only show traffic that is blocked from that host. If you leave it on this page for a little while and don't see any packets getting blocked, it may be something else that is causing the packets to be rejected.

0 Helpful
gvindio
Beginner
Beginner
In response to Tyson Joachims
‎02-05-2021 08:35 AM
‎02-05-2021 08:35 AM

I ran it again and I still show it being blocked.

[cid:685B74C6-1CAB-4451-84B1-4448846DE4F8]

[cid:78E49DF7-3E98-42D6-AB8F-5D4F81E96A35]

0 Helpful
Tyson Joachims
Rising star
Rising star
In response to gvindio
‎02-05-2021 11:08 AM
‎02-05-2021 11:08 AM

If you were adding screenshots, the images did not come through. Could you please try again?

0 Helpful
gvindio
Beginner
Beginner
In response to Tyson Joachims
‎02-05-2021 11:42 AM
‎02-05-2021 11:42 AM

gvindio_0-1612554088369.jpeg

 

 

gvindio_1-1612554120749.jpeg

 

0 Helpful
Tyson Joachims
Rising star
Rising star
‎02-05-2021 11:58 AM
‎02-05-2021 11:58 AM

What does your "inside_access_in" policy look like?

0 Helpful
gvindio
Beginner
Beginner
In response to Tyson Joachims
‎02-05-2021 12:19 PM
‎02-05-2021 12:19 PM

[cid:415EE74E-7DBB-4B7C-9963-734AC158D55B] Please type your reply above this line -##


Sent from my iPhone
0 Helpful
gvindio
Beginner
Beginner
In response to gvindio
‎02-05-2021 04:12 PM
‎02-05-2021 04:12 PM

[cid:9D919D6B-D4D3-43BF-8B7F-2CF2B96C377A] Please type your reply above this line -##


Sent from my iPhone
0 Helpful
Tyson Joachims
Rising star
Rising star
In response to gvindio
‎02-05-2021 04:17 PM
‎02-05-2021 04:17 PM

I'm not sure how you adding pictures to your post but they are not coming through

0 Helpful
gvindio
Beginner
Beginner
In response to Tyson Joachims
‎02-05-2021 04:48 PM
‎02-05-2021 04:48 PM

Capture.JPG

0 Helpful
Peter Koltl
Rising star
Rising star
‎03-02-2021 09:50 AM
‎03-02-2021 09:50 AM

On the previous screenshot the source port was also set. Now it is ‘any’ so the corrected rule may as well work now.

0 Helpful
Latest Contents
Network Security All-in-one ASA FTD WSA Umbrella ISE VPN Lay...
Created by Meddane on 05-17-2022 06:18 AM
2
0
2
0
Multiple Cisco Security Technologies in a single book : ASA Firepower, WSA, Umbrella, ISE and VPN with 100 percent 100 practical scenarios with 70 Labs to cover important topics of the Cisco SCOR Exam. The best part is ISE with interesting scenarios wi... view more
Understanding IP Layer Enforcement on Cisco Umbrella
Created by Meddane on 05-17-2022 03:10 AM
0
0
0
0
Cisco Umbrella is a big DNS service that provides not only the DNS resolution but also if the hosted website is trust or malicious, the idea behind the Layer DNS Security is that the modern attacks uses the DNS in the first step either to redirect the use... view more
Cisco ISE Integration With F5 BIG-IP LTM Load Balancer for G...
Created by Meddane on 05-15-2022 02:24 AM
0
0
0
0
I shared with you this detailed document I created with 27 pages about Cisco ISE Integration With F5 BIG-IP Locar Traffic Manager LTM Load Balancer for Guest Acces.   The method used for Guest Access is the Self-Registration. Healt Monitor using HTTP... view more
Cisco ASA 9.714 version SNMP not working in EVE-NG LAB Envir...
Created by waqas.muhammad49 on 05-10-2022 06:56 AM
0
0
0
0
I created an IPSEC Site to site Tunnel between two ASA Firewalls in EVE-NG topology and i want to plot the IPSEC Site to Site VPN graph on PRTG ? The SNMP Walk command is not getting any output . As the firewall is making SNMP inbound connections with the... view more
ISE Integration with Eduroam External Server
Created by deepuvarghese1 on 05-09-2022 08:31 PM
3
20
3
20
The purpose of this document is to demonstrate how ISE can integrate with an eduroam external server which is a WI-Fi roaming service that provides international access to devices in education, research, and higher education. Students, teachers, and resea... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad
Additional Cisco Threat Response Resources


August's Community Spotlight Awards