Is it possible to see client DNS queries? I have security intelligence and dns policy configured so the FTD must be seeing DNS queries right?
Forum Posts
Dear Team,Recently we have configured Site-Site VPN on box ASA 5525 to access remote machines via RDP. Is it possible to know how much RAM/CPU would be utilizing for the VPN connection as I have to record for reference? Also wanted to understand how ...
hello everybody I have issue with migration firepower 6.1.0 to 6.2.0 show the following message: Status log:Readiness Check complete with failure log@/var/log/sf/Sourcefire_3D_Upgrade-6.2.0/upgrade_readiness ------ Failure Can you help me ...
Resolved! ASA 5510 getting file via HTTPS
Hi Guys, I have a little problem here. It might be an error on my side, but as it is with every error: I have no clue what is actually going wrong. First, what I want to do: I want to be able log into my ASA5510 with Software Version 9.1(7)19, go...
Hi, we would like to implement URL filtering in our enterprise environment without SSL decryption. Can you please share your opinions and experiences about URL filtering impact on firepower resources and traffic itself? Thank you.
I have 2 ISP. I would like to have systems from VLAN1 access the internet through ISP1 and systems from VLAN2 access the interner through ISP2. Can a ASA 5512x handle multiple ISP routing? If so I could use help setting this up. I am not looking for ...
Hi, I have a deployment consists of two policy nodes and two admin nodes. Primary admin node crashed a few weeks ago, i have recovered it and now it is working as secondary admin node now. However, the certificates are disappeared at the second node ...
What are the advantages/disadvantages of configuring Active/Active vs Active/Standby Failover for Cisco ASA 5510?Which one should be preferred over the other?What's the Best Practice followed when configuring failover?-NG
Dear All, In case i want to inspect MPLS-labelled IP traffic, the same way i do inspection for IP traffic. The reason is - to use MPLS VPN between WAN Edge router and my core MPLS router and at the same time to introduce Firewalling function for ext...
Good day. We have SFR module ver 6.1 on ASA 5516-X connected to FMC 6.1. License: Protection+Control+URL+Malware. Firepower User Agent v. 2.3. User access policy uses passive authentication. All users use Win10 domain connected PCs with domain accoun...
I have a 5508-x running a remote office with servers in a DMZ, a guest network, and site to site VPN back to our headquarters. I'm running into a problem where the DMZ servers cannot access the internet. The servers are operating normally otherwise...
I have a Cisco ASA 5512-X connected to two ISPs. The "outside" interface is our main ISP and the "cable-modem" is our second ISP that people on the guest lan will use for internet access. The default route points traffic through the outside interface...
Hi, I cant ping outside interface of asa firewall . What needs to be checked Thanks
I am receiving this error when performing a packet trace on my ASA 5505. It is pointing to a dynamic nat rule on my outside interface to my public IP as to the reason for the drop. Not sure why this would stop the traffic. I have an access rule to...
Hello Everyone, Greetings !! I have some questions in my mind and I was hopeing if you guys can answer. 1) Say you have to create IPSEC VPN between two FW, but say FW 1 sit behind NAT device and you need to enable NAT-T on it but FW2 has direct...
