Hello all, I am hoping someone else has seen this issue, and can provide some insight. We performed the above mentioned upgrade and have since lost icmp traffic from our DMZ to the outside. All icmp traffic passes fine from the inside->outside, or...
Forum Posts
Good day, Trying to recover a ASA 5505. Not sure of the history but its saying FILE NOT FOUND and going to ROMMON MODE. ASA OUTPUT Cisco Security Appliance admin loader (3.0) #0: Tue Jul 14 22:20:02 PDT 2015Platform ASA5505 Loading...IO memory...
Hello Was trying to find some general practice/ threat detection (and response) to any incoming attacks. I seem to find quite a bit of information but not too many geared towards my 891. Would this fall under Threat Detection or would I build a Fi...
Hello Experts, I have recently purchased few ASA Firepower 5545. I wanted to register my PAK, thus needed to access my ASA > ASDM> configuration> ASA Firepower Configuration option " to findout the license-key. but when I go to ASDM>Configur...
Is it possible to create Intelligent Application Bypass rules that leverage custom application detectors? Is it possible to leverage access policy rules with custom application detectors? When I attempt to do so, they do not show as available appli...
hi, due to the recent SSL VPN vulnerability on the ASA, i need to perform an emergency upgrade. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 i got 5525-X on 9.4(4)5 code with FP module (6.0 image). th...
I am trying to figure out how to exempt all (or even specific) internal traffic from a pre-processor rule (HI_CLIENT_OVERSIZE_DIR (119:15:2)) in FP 6.22. Suggestions?
Resolved! Pix-515E IOS
Good morning,I was wondering if I picked up a used (End of Life) pix-515e, would would I need to do to be able to upgrade it to that latest version of IOS made for that product? Is it still possible to even get access to that version? Will cisco al...
Hi, Just want to ask why there is no anyconenct image on the flash on our new ASA. May I jknow if this is normal? Should i download it manually and upload it to the ASA? Thank you Rojhon
hi, cisco recently released a security advisory/CVE regarding SSL VPN vulnerability. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 the advisory wasn't quite clear to me as it got 2 parts: webvpn feature ...
Resolved! 5505 and SSL VPN vulnerability
Hi everyone, thank you for an awesome resource! The advisory (cisco-sa-20180129-asa1) shows several fixed releases. Will 9.2.4.25 be available for the 5505? I don't see it in the download section. I've upgraded the 5505's to 9.2.4.22 and would ha...
Resolved! ISR 4331 Zone Firewall Setup
I am a telepresnce/CUCM person and i know enough about everything else to be dangerous. I have some new ISR 4331 routers with the Security add on. These are going to be internet routers that i am using for my VCS and expressway CUCM infrastructure. ...
Guys,may be this is a silly question. I want to raise support TAC case with cisco for one of my clients firewall issue.can anyone please help me with how to raise a case? also i want to know how do i check if my firewall can get support from them or ...
I started off by upgrading my ASA 5506-x with ASDM 7.9(1) and ASA 9.9(1). After a reboot the Firepower section in the ASDM was missing. No problem, I thought I would just reload the SFR and reconfigure. I loaded the SFR boot image ver asasfr-5500x...
i have used ssl decryption on firewalls for url filtering and they are where users from inside wants to access internet resources, in this case we need to export a certificate and then install it to each client machine of the organization. If the flo...
