Network Security

Policy static NAT in ASA 9.6

I have a scenario about Policy static NAT in ASA 9.6 I have server listening on port tcp/8443. It will be accessed from specific networks in internet. I want to NAT my server to public IP but port specific only for those specific networks in internet...

FWSM > ASASM migration query

Hi, we are migrating from the Cisco FWSM > Cisco ASASM, the FWSM is operating in transparent mode and we are using multiple contexts, the local MSFC is providing layer 3 services via appropriate SVI's. As this is part of a larger scale migration st...

Install Cisco Firepower User Agent for Active Directory.

Hi All, where do you install the agent for user mapping ? I understand it must be AD,if so does that mean all ADs? how about if you use NTLM, does the browser automatically authenticate the user using their current session? Thanks

Cisco ACI with sub-interface on remote ASA

What is the best way to deploy Cisco ACI with ASA on multiple sub-interface. For example in our traditional networkWe have Core switch that works as L2 & L3 for the network. It has Layer 2 trunk (with all allowed vlan for sub-interface) connecting to...

ASA-5505 Software Update?

I have an ASA-5505 not an ASA-5505X and they haven't updated the software in a couple years. The last date of hardware support is 2022. Have they stopped updating the software already?

Resolved! Route Traffic

Hi. I would like to request some help with the following case I have. I need to route all the Internet traffic to the Router 1. In the Firewall 2 I created the following route route 0.0.0.0 0.0.0.0 10.154.242.9 1 After that I dont know what else do I...

Reporting in SourceFire FireSIGHT

Hello Community, We have just completed a Clients full upgrade from old ASA's to new 5555-x with full features of FireSIGHT and FirePOWER on ASA, while everything is working as designed we have one issue, This client wanted a single unit to do his UR...

ASA 5580 can't reach my own public ip address from LAN

Hi friends,I'm having a strange problem... I'm using one of my public ip addresses for a static NAT rule to access a PC in subnet of my LAN. From internet I have full access to that PC through public ip address, so far so good. The problem is that I ...

NAT Reflection | NAT UTurn

Hello, One of my clients still has their ip addressing scheme assiged to public addresses. The inside/LAN segment (end-stations and servers) are assigned a public ip subnet(using this subnet as an example: 173.168.157.0/24). The DMZ segment is assig...

Resolved! Hardware upgrade from ASA 5510 to ASA 5516-X

Hi, We are migrating from a 5510 platform to a 5516-x platform. We tried the backup and restore feature of ASDM which to partially work. This is because the interface names on 5516-X are GigabitEthernet while Ethernet on 5510. Hence a different crypt...

Resolved! ASA 9.8(2) support for FirePower 2110

I'm in the midst of working with a VAR to replace 5510s with 2110s and it's just been 1 caveat after another with these devices; mainly VPN. Then today, I received a Cisco software update notification for the 2110s with ASA code 9.8(2) listed. I deci...

Resolved! FTD 6.2 BGP AS-Override

Hi, its possible to configure as-override for BGP in FTD? I dont find the right option in the Management Center. FlexConfig is not possible. Kind regards, Michael

OUTBOUND CALLS DROP AT 30 SECONDS THROUGH ASA & 2811

Hi All, My first post on the new look forum. OVERVIEW OF PROBLEMIn our current network, we have a Freepbx SIP server with an ASA5510 facing the internet and a 3750 LAN side with 5 VLANs. Voice has its own VLAN. We are introducing a second ISP connec...

Resolved! Deplyment ACS 5.8 secondary instance

Hi:I have one simple question, I want to implement a secondary instance to my server ACS. Those servers have to be in the same network?? This is necesarry for replication?.Because right now each one have its own net. Thanks.

Resolved! Pros/Cons: Migrating from Cisco to Meraki cloud

We have around 150 remote offices, each with at least two broadband connections; the original goal 10+ years ago was to use separate connections (one for staff and 1+ for customers) to minimize cross-traffic affecting performance and stability. Our o...

Network Security

Forum Posts

Policy static NAT in ASA 9.6

FWSM > ASASM migration query

Install Cisco Firepower User Agent for Active Directory.

Cisco ACI with sub-interface on remote ASA

ASA-5505 Software Update?

Resolved! Route Traffic

Reporting in SourceFire FireSIGHT

ASA 5580 can't reach my own public ip address from LAN

NAT Reflection | NAT UTurn

Resolved! Hardware upgrade from ASA 5510 to ASA 5516-X

Resolved! ASA 9.8(2) support for FirePower 2110

Resolved! FTD 6.2 BGP AS-Override

OUTBOUND CALLS DROP AT 30 SECONDS THROUGH ASA & 2811

Resolved! Deplyment ACS 5.8 secondary instance

Resolved! Pros/Cons: Migrating from Cisco to Meraki cloud

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FirePower 1120 (ASA) Chassis Name Change

9200和9300，通過管理口進行tacacs認證失敗，找不到原因

Firepower 2120 chassis manager https access refused

FMC Unable to Join CSSM On-Prem

Fixed: "show conn flow-rule qos" gives Syntax Error: Illegal parameter

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC

FMC-ASA-SFR compatibility

FMCv Migration FMC2700

TX retries dropped packets