Having bit difficulty nating let's say 192.X.X.X to 50.50.50.1 public IP. I need to allow all types of traffic I would say from the internal 192 LAN to the outside. Can anyone help me with a NAT object statement?
Forum Posts
Case 1: ":Feb 25 16:42:16 EST: %ASA-session-4-500004: Invalid transport field for protocol=TCP, from {Black listed IP}/{random source port} to {public server}/0 " Case 2: ":Feb 25 16:42:16 EST: %ASA-session-4-500004: Invalid transport field for pro...
Hi, I'd love to some known bad names that should trigger a blacklist event for DNS policy within Security Intelligence. Can anyone provide this? I just need a couple for testing post roll out. (i know i can source some on the internet reports, but ...
I have two VPN tunnels to distinct external entities. Each entity only allows traffic from a specific IP address. I need to use a single NAT/PAT address for traffic through tunnel 1 and a different NAT/PAT address for traffic through tunnel 2. En...
Resolved! FTD High Availablity with FMC
Hi, I have two ASA 5545 Firewalls with Firepower service, firewalls are configured as High Availability without problem. now i am trying to setup two FTD as high availability on the FMC. both of them are registered on the FMC and in the same group....
Recently we decided at the office to upgrade our ASA firewalls to a newer version, up from version 7.2(2). We have 5 external IPs, x.x.x.13 up to x.x.x.17, these are all linked to different servers (http, https). Only the x.x.x.13 address is configur...
Resolved! Allow ICMP type 11 on outside_in ???
Hi. I get a lot of ICMP deny in our firewall log - Typically type 11,0 like this: Deny icmp src outside:77.243.33.157 dst Support_Net:10.10.60.206 (type 11, code 0) by access-group "outside_access_in" [0x0, 0x0] Q1) Should i allow these Time Exce...
Hello all, I have the following topology and need to configure port channels between Core and firepower 7125 Could anyone help with the correct conf of the port-channel on The IPS (P1 and P3 ) through the FMC ? Tried the conf on the core switch ( ...
Hi Team, Need your help to troubleshoot OS upgrade ASA 5550 from ver 9.1(7)7 to 9.1(7)19. Scenario: Standby was running on old version [9.1(7)7] and was Active. Primary was standby with latest version [9.1(7)19]. So, what basically I did: Primary...
Hello, I have already prepared configuration for cisco ASA and I will upgrade it directly to 9.1.7.23, I have prepared configuration. I want boot configuration from txt file, which I prepared, so I will press this commands boot config flash:/ file....
Hi ! All May I ask the FirePower 2130 EIGRP route entry limit ? tks
Hi, Hi, We are a school of around 800 students and 300-400 employees, upgrading our single core cisco 6509E switch to redundant core with VSS (not sure which switch model we will get) . We use only ACLs now but i suppose that is not enough security ?...
Resolved! FMC 1000 Port-Channel query
Hi Community, I see that the FMC 1000 has two Management interfaces. From the documentation I have read I believe that you can use both interfaces concurrently dependant upon your deployment requirements e.g. direct different types of traffic over ...
I am trying so hard to use and love the new NGFW offerings. Especially the new OS, Firepower Threat Defense, since it combines the traditional ASA and SourceFire modules. The only thing that is holding me back is the lack of features available on C...
I am trying to permit an ICMP ping from Hurricane Electric to keep my IPv6 tunnel alive. I am stumped on how to permit this ping and reply from a certain IPv4 address they use to the router's self zone with Zone Based Firewall. Any suggestions? Ric...
| User | Count |
|---|---|
| 10 | |
| 7 | |
| 5 | |
| 2 | |
| 1 |
