I'm not fully familiar with ASA's but I'm really stumped and need help. I have a HA pair of 5510's with a current ISP connection in them. We now have a new ISP connection which I have connected to Eth0/3. The link has been provisioned as a /30. Last week, I connected it up, set the interface with it's IP and I could ping the opposite end ISP GW. All good.
So I went to migrate today and wanted to move the new connection across into Eth0/0 and leave that interface called "outside", and apply the IP on it. Anyway, it would not work. I failed back and began to try and investigate what the issue is.
So now, having reverted back, no matter what I do (shut / no shut) (disconnect link to secondary of HA), the interface Eth0/3 is now down/down, despite the link light being on, and the connection from an intermediate switch showing as up/up - but sending traffic and receiving nothing back from the ASA.
So it looks like the ASA port is stuck in some state. A reboot left it in the same state - I just cannot get it to come up again.
I took the cable out of the ASA and connected it into my laptop, assigned my laptop the IP address that the ASA is being given - perfect - I can reach the ISP and beyond. So I put it straight back into the ASA and ........ still down / down. If I remove the speed and duplex, still no joy.
Any help or suggestions would be greatly appreciated
Attackers will always target the "low hanging fruit": devices that have passed end-of-software maintenance and end-of-support. A few years ago, Cisco described the evolution of attacks against infrastructure devices. All of the attacks discussed in t...
I somehow stumbled upon Cisco's IBNS 2.0 Auto Identity (AI) templates in my CML/VIRL IOSv layer2 image (IOS 15.2(6)).
I find these templates great, because these are the best practices that we tend to hard-code manually - e.g there are...
Hello. Thanks in advance for any input. I have just spun up a Cisco ISE lab and having some issues with the certificates. I created a self-signed certificate to be used with EAP and admin. DNS name of ise1.example.local points to the ...
Adversarial Tactics and TechniquesA Call to Action
Cisco Identity Services Engine (ISE) gives you intelligent Integrated protection through intent-based policy and compliance solution. Cisco ISE supports posturing of endpoints with different ...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...