Hello Gents, we have on our ASA huge number of connections which seems to be idle. Similar to below:TCP INET_FW: XX.XXX.XXX.XXX/56535 INET_CORE: YY.YY.YY.YY/20406, flags UfIB , idle 1h3m, uptime 1h9m, timeout 15m0s, bytes 444 For this specific con...
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,550) -
Cisco Bugs
(36) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(143) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(13) -
Cisco Secure Firewall Management Center (FMC)
(78) -
Cisco Secure Firewall Threat Defense (FTD)
(103) -
Cisco Security Cloud Control
(5) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(259) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(28) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,569) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,775) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(632) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
i want to let users from interface 1/3 , 1/4 , 1/5 to access servers in interface inside , how can i do that ? interface GigabitEthernet1/2 nameif inside security-level 100 ip address 192.168.1.2 255.255.255.0!interface GigabitEthernet1/3 nameif So...
Hello! We have encountered a problem with our Identity Firewall scheme recently (it works on CDA, 4 Microsoft 2012R2 DCs and Cisco ASA as a consumer device). We've noticed that some ip-to-user mappings are missing on CDA although users are in domain ...
Hi, I have to configure static nats with diferrent range of ISP2, they forward another range over this link. For example, they foward range 5.5.5.0/32 to we use from their address : 4.4.4.0/24. I configured the follow configs but donw works: inter...
Hello I upgraded our Cisco ASA 5520 with a Cisco ASA 5585. Though both ASA were configured with default TCP Idle Connection Timeout values people are now starting to complaint that idle SSH connections are being terminated. This is proper behavior bu...
Hello, Good Day! Just wanted to ask what is the fix for this alert? %ASA-4-402119: IPSEC: Received an ESP packet (SPI= 0x229, sequence number= 0x4A2) from (user= ) to that failed anti-replay checking.
I have run into this issue many times with FirePower deployments. Customers want to see what the interface utilization for each ASA/FTD device is at on the dash board. Ive gone through all the widgets and while I found I can create what looks like ...
I have been wrestling with enabling tcp-bypass recently. We have assymetrical routing happening between two providers with BGP configured. I have tried configuring tcp-bypass on the inside interface, outside interface, and globally. Each time the PAT...
Hi All, I am panning to migrate firewall from Old hardware (5510) to new (5508-x). old hardware is running with IOS version 8.4(7)30 and new with 9.5(1) My question is Can I directly upload old configuration ( after changing Interface details only) ...
I'm working on some requirements to secure our devices. On the ASA, the SSL settings has SHA1 listed as the hashing. Is there a license feature that updates it to SHA2 or greater?
I'm looking for the most recent Cisco audit files to use with ACAS. Is there any available (after 2010) and if so, where to download them. THANKS!
Please can anyone put me through on how to set number of login limitation to a linux server behind ASA Firewall. Will it be done on the server or Firewall? How can i achieve that? Thanks
To manage 4110 firewall i must to have firesight ? even if i didnt buy any firepower lic ?
I installed the SFR module on the ASA and ran through all the configuration. I registered it to my FirePower Management Center, however I failed to add the license to the SFR prior to doing that and the Management Center is not seeing my smart licen...
IPS report shows victim IP address on which the attack was launched, how is external attacker able to attack specific private IP addresses in a huge infrastructure?
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 10-24-2025 02:59 PM | ||
| 10-24-2025 02:01 PM | ||
| 10-23-2025 07:14 AM | ||
| 10-21-2025 08:39 AM | ||
| 10-20-2025 12:53 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 11 | |
| 5 | |
| 2 | |
| 1 | |
| 1 |
