Hello Cisco Community. I have a problem with power on my Primary cisco ASA. Secondary ASA has bacame an Active state. I need to replace my Primary ASA to new hardware with the same model. Will there be an interruption to network traffic if i change m...
Forum Posts
Cisco 2851 w/NME-IPS-K9 Module - The IPS Module has an IP Address of 192.168.1.2 (Management port) - A seperate NIC in my PC has an IP Address of 192.168.1.1 - I can communicate with the IPS Module with no problems - The Cisco Router has an IP Ad...
I'm replacing my 5516 ASA's due to the forced RMA. Anyways, I'm in an active/standby configuration. I replaced the secondary and failed over to test, all is good and I'm running on it. So the state I'm in is Primary/standby and Secondary/Active. No...
Hello, I built a rule that allows server 1.1.1.1(source) access to server 2.2.2.2(destination) on port 8400 and I tested the rule to make sure it works. I understand that firewalls are statefull and should agree on both directions, but lets say that...
Hi recently i deployed FTD 2140 in HA. i created multiple sub-interfaces on FTD for inter-vlan routing. i am facing one issue regarding Ping between host in different VLANs and i am not able to ping between hosts in different VLANs. 1- ICMP in...
Hello guys, I need help with this issue, I have an ASA 5585 X with a module SSP-40 already installed. and the idea is to activate it (SSP-40 for firepower services) and additionally add the licenses AVC, AMP, filter URL, and IPS, I need to know if I...
I am looking at creating baselines for our FirePOWER sensors (i.e. CPU, traffic rates, etc...) Is there a good way/built in functionality to collect/export this data - other than through a full-blown NMS solution utilizing SNMP? I would like to s...
Hi, how can I send Syslog messeages of Access Control Rule to an external Syslog Server? I need to see which connections are Blocked or Allowed for specific Rules. In logging settings for Access Controll Rule I can configure Syslog Alert but I don...
This is my lab, I need to transfer files to and from my ftp server filezilla, I am running this on GNS3 and doing a wire shark capture I see no ftp packets leaving the firewall - I don't know how to interpret the output from phase 2... ciscoasa/act...
We have a fiber based connection from our ISP that uses an on-prem Edgewater device. The connection uses a /29 IP block with the first IP as the gateway, the second IP reserved for the ISP's voice server (Edgewater device itself maybe?) and the thir...
Hi, What is Dynamic Source Routing? what is the difference between DSR and Dynamic Routing Protocol, and Policy based routing. Does cisco Routers support DSR on their IOS? and which versions? Thanks in advanced
Resolved! Efficient way to show NAT rules
Hi On our ASA, I have about 300 NAT rules, and running everyone line through in ADSM isn't that effective. I need the inside addresss eg, 192.168.10.225 and the NATed address, in the same output - is there any "sh xxx | xxx" that could provide that...
dispatch unit process using almost 100% CPU; frequency of the incident is 2 hours; FW get hanged and after removing the cable from FW, it get stable; again same after 2 hours; hardware:- asa 5520 topology:- SW 2960----------FW5520_______asr100...
In my current ASA configuration I am running the following policies. Does all traffic have to pass through each policy before it can proceed? Can inspection_default and class-default be deleted if sfr is doing inspection?
Hi , I need your help for configuration migration from Fortigate FW to Cisco FTD as i have more 500 objects and alot oof nating rules and it's very dificult to do it manually. kindly advice Regards,
