Resolved! How to ACL restrict L2L Peer Connections
I'd like to restrict incoming L2L traffic to just my list of allowed peers. What's the best way of accomplishing this?
Forum Posts
When I do a wireshark capture on a switchport, I see my client's SYN go out and the SYN ACK come back within the same second. However, on the FWSM module sitting on the same switch, the SYN ACK doesn't arrive until after 30 sec and so it gets dropped...
Resolved! ASA Sensor upgrade fails
I will readily admit I'm still learning the platform I inherited. I have a Defense Center version 5.4.1.3 virtual appliance, and an ASA 5515-X running sensor code 5.4.0 that I just recently reimaged to get it working properly again: Sourcefire Li...
When you have a sla monitor configured for fail-over internet. If this was my config below assuming it was configured correctly elsewhere. Does it fail-over if 1 packet doesn't reach 8.8.8.8 or does it need all 6 packets to fail before it fails over?...
guys can you tell me how to check if webvpn is enabled on a firewall. Thanks ravindra
Resolved! Allow only maps.google.com
Hello, have a problem with rule for ASA 5505. I need block all tarffic except maps.google.com:regex googleMAP "maps\.google\.com"class-map type inspect http match-all BlockDomainsClass match not request header host regex class DomainBlockListpolicy-m...
ASA 5512-x requires new IOS. we discovered today that when we try to upload new IOS to flash either via ASDM or copy cli command the ASA reboots. We are running IOS code 9.1.1 anybody every encounter this?
Hi Is this possible, I want to Route a loopback address residing on the outside LAN context to the the MGMT 0/0
Hello, I see in our SIEM thousand of events called "File Size is Too Small" but they don't seems related to a signature but to a specific URL visited with a js link. Do you have experienced something similar? Thank you! R
hi, I did enable netflow to see the traffic using PRTG but all I am getting from asa is templates .. I did capture 128 packets using wireshak what I have is only this .. can anyone help thank you
Hello !I'm looking for the end of support for each Cisco Adaptive Security Appliance Software version.In my example I'm running 9.4 version on ASAv. I find nothing about this version about end of support.I checked on theses pages but I didn't find cl...
Hi! i noticed that in Firepower Threat Defense Images deployed via FMC, there is no NO-NAT Statement in the FMC Nat Policy needed to allow traffic between subnets. I´m questioning myself how this is configured from the FMC to ASA-OS because if i do...
Hello Guys, Is there any way to check what type of password in the ASA is configured whether its is type 5 or type 7, also do we have a option for to configure type 8 or type 9. Thanks in advance
Dear All, I have ASA 5506x (Firepower) firewall. we have multiple public servers inside network. i have configured public server in firewall in "PUBLIC SERVER" section against live IPs. all are now accessible from outside on specific ports. the issue...
Hi everyone, Our ISE System certs used for Admin, Portal and EAP are about to expire for 2x PAN and 2x MNT nodes, while all PSN nodes are OK. From what I've read I have to generate CSR's for these 4 nodes only and then bind the certs received from ...
