Hi All, Need help. I have my ASA5525 ver 9.8. configured for dual ISP. ISP1 where all traffic goes through except URL abc.com that is supposedly bound for ISP2. thank you in advance
Forum Posts
Resolved! Firepower Rule 1:39725:3 false positive?
Hello, for a couple of weeks we see in our firepower system a great amount of Server-Webapp Drupal restws page callback command injection attempts. Firepower shows us the clients and said the issue came from the AviraUpdate Client. But why should the...
Hello freinds pls see attachment , i m getting "cannot allocate memory " when i copy asdm from tftp thanks ibrahim
Hi, I have Cisco ASA 5585-X with description on the below: Mod Card Type Model Serial No. --- -------------------------------------------- ------------------ ----------- 0 ASA 5585-X Security Serv...
Hi, As per the documentation FireAMP blocks malware based on known hash and Firepower and can hold the file for 30 secs to get the verdict. In case if the verdict is unknown by FireAMP then can we use the ClamAV engine which is part of local malware ...
Hi Experts, 1. Does firewall inspect UDP traffic like TCP, do I have to allow return traffic for UDP. 2. for e.g: I have a rule which says traffic that's being sourced from inside (10.10.10.10 ) going to outside (20.20.20.20) on UDP port 33000 i...
I have run into an issue where redundant devices devices behind an ASA that are using it as a default GW are having problems at failover when there is a MAC change on a VIP. The cisco CSS utilizes gratuitous ARPs on failover, and until the arp cache ...
Gents, I would like to know your opinion on the below design to protect the servers of critical business applications from the operational staff. I made my ASA the Gateway for the critical business applications' servers. Means any user accessing ...
Hi, We have a FirePower 8350 appliance configured for IPS "monitor-mode" or IDS mode. The FirePower appliance connects directly to our Nexus 9k core switches. We have SPAN configured on this core switches to send a copy of the traffic to the FirePo...
I have a Firesight 1500 system running 6.2.2 I am trying to launch a manual NMAP scan of a host by going to system--tools--scheduling and selecting NMAP scan the problem is, when I select a scan, the time, etc. I don't have the option of spec...
Hi all, please for your help on the below. I am trying to rate-limit a couple of internal subnets for traffic to the Internet, to keep them from overwhelming our Internet feed (50Mbps) but the limit does not work. I have set a maximum input/ouput p...
Resolved! Asymetric NAT ASA Working?
Hi, this is a weird question, but I have this customer, that asked me to give them a reason why this was happening: They configured a static NAT on their FW. Easy one, just changing the IP source of one Server X.X.X.X, to IP address Y.Y.Y.Y; when goi...
Hi, I am working on a ASA5520 (V9.1) and have some trouble in understanding the ACL configured on the internet interface. The two ACLs are applied on the out direction of internet interface. !access-group internet_access_out out interface internet!...
Hi, We have seen a report for a malware sample with a score in the range of 70 to 80 but there is no reference to that hash in virus total. what is the way to submit the same sample for verdict-reanalysis (sandbox again or manual analysis by Talos)...
Resolved! ASA Upgrade 8.4(7)29 to 9.1(7)20
hi, i need to upgrade ASA 5550 8.4(7)29 to 9.1(7)20. per link below on upgrade path, i can directly upgrade to 9.1(7.4) but it didn't mentioned 9.1(7)20. https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0...
