Why there's a [any any deny] implicit rule at inside interface? As i know inside int security level is highest 100 + stateful inspection why the software defaulted a implicit deny rule?
Why there's a [any any deny] implicit rule at inside interface? As i know inside int security level is highest 100 + stateful inspection why the software defaulted a implicit deny rule?
Hi,I've created in policy ASA (release 9.3) with SGT as source and destination, but in FTP (Firepower Threat Defense) I just find it as SGT source only.In FTP it is possible to make a policy with source and destination SGT? Thanks
Ok this may seem a bit of a dumb question but I just can't get a straight answer from Googling or from the IOS release 15.2 Security Config guide for ZFW. So,I am editing the parameter map that governs tcp queue length in the OoO (Out of Order) glob...
Hello, I have a new server on my dmz which needs external access to a public IP address outbound over tcp/2001 I also need external users to be able to hit this server externally inbound over https I have setup an external dns called server.mydom...
Hi allWe are using ASA 5500-X firewalls with firepower services. They are installed and active in our network. During the FMC installation, default Access Control Policy is define with default action "Intrusion prevention: Balanced Security and Conne...
Hi Team,We are trying to scan the ASA firewall and getting the below error. Is there any way to resolve this issue? Please sugget.We did a security scan of Internal firewall and found one issue - "TLS Session Renegotiation Vulnerability"The TLS proto...
Hi All Just a quick sanity check, basically the requirement is that we NAT all our traffic to 1 ip address when going over the vpn tunnel. The VPN is built on a natted source network of 192.168.1.0/27 , I have set a NAT rule to dynamically NAT all ...
Is there any documentation that states if a Cisco ASA fails open or closed.
Hi Anyone who can explain to me while below section 1 fails whereas section 2 goes through without any issues? The error I get is: (ERROR) Sent (Wed Oct 24 12:18:45 CEST 2018): crypto ipsec ikev1 transform-set aes_sha2 esp-aes-256 esp-sha256-hmac Rec...
Hai I have problem with asa not allowing passive ftp directory listing .code 9.6.4 tried with and with out passive command Also with inspection and with out show conn TCP outside 217.160.123.90:65134 inside 172.18.14.27:52034, idle 0:00:04, bytes...
Hi Everyone, I am facing some weird issue where ping traffic works fine , however tcp/udp 5060 traffic fails. There are 2 interfaces configured as below - ASA/pri/act(config)# sh run int Ethernet0/2.1097 ! interface Ethernet0/2.1097 vlan 1097 namei...
Hello, We are using the IPS module on the Cisco ASA 5525-X Firewalls and we’re running version 6.2.0.6. We would like to forward detailed logs to a Syslog server. We followed these procedures: https://www.cisco.com/c/en/us/support/docs/security/fir...
Dear All, As my FMC virtual appliance was crashed when restore a backup (always show: System processes are starting, please wait.) , I would like to reinstall FMC and try restore the backup again... The original FMCv is managing a FirePower 2110. I w...
Hello, I have ASA 5515-X. It's a model in end of life. I have purchased SSD disk ASA5500X-SSD120 to migrate my ASA 5515 to ASA with Firepower Threat Defense. With the new system of Smart Licensing, did it still possible to license the FTD module plug...
Good Morning I have to migrate firewall Checkpoint configuration to a Cisco ASA 5585X device. Checkpoint has many "accept", "drop", "encrypt" rules. But I could find some rules with action "Client Auth". By Client Auth rules, a user in an user gr...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Subject | Author | Posted |
---|---|---|
07-09-2025 06:38 AM | ||
07-09-2025 06:36 AM | ||
07-06-2025 01:40 PM | ||
07-04-2025 01:59 AM | ||
06-19-2025 07:32 AM |
User | Count |
---|---|
8 | |
7 | |
7 | |
1 | |
1 |