Network Security

8.4 NAT behavior

Hello community, Still trying to figure it out the new NAT and today I came up with this real-life scenario and now I have some doubts on how the NAT behaves. My configuration: object network LOCAL-wNAT host 10.34.30.36 nat (inside,outside) static ...

ASA5515X NAT/PORT Forwarding failing for ports 8088, 8090 and 61616

Hi I am not sure what is happening here. Ok first my setup, i have Cisco ASA 5515X, ASA software version 9.5(1) ASDM software version 7.5(1)90. I have 2 new webservers on a dmz and i wish to forward incoming connections to them. The internal servers...

ASA secure copy (scp) from unix not working ?

I am trying (unsuccessfully) to scp a file from a unix/linux device to an ASA 5505. The connection is authenticated on the 5505 but the copy fails as it keeps reporting an "SCP send error" (see below). SCP is new to me as I normally use sftp, but tha...

How to save config in asa5515-x firepower?

Hi - this may be a dumb question. Ssh to firepower, is there a CLI command to save and backup current configuration? In firesight dc750, i know i can use GUI to save and restore firesight config but couldn't find a way to save and backup config in ...

Resolved! cisco asa security levels

Hi All, can someone please explain how security levels work? I know from lower to higher is not allowed and read that there is implicit deny on all lower level to higher level. When I need to go from lower level to higher level , why would I apply ...

Resolved! Cisco ASA vs 1941 ?

Dears, I have a cisco Asa 5510 which is doing some basic firewall roles in the network. And 1941 router which is our internet router. We are planning to provide VPN access and also host an database which needs to be accessed from the internet. It w...

Rule creation information

Hi guys, We are using Sourcefire Firesight for the IDS purpose. Someone has created few rules which are capturing the heavy traffic. I would like to know how to get the information about rule creator? Appreciate your help. Thanks, Regards, Jay

Resolved! ASA 5510 intial setup???

I am trying to connect my asa to my network. I am new to firewalls. I started with setting the management0/0 interface on an ip address of 192.168.1.2/24 and connected it to my router with 192.168.1.1/24. Both interfaces are on the same subnet. I tri...

Resolved! Physical Firepower

Hello! There is serious lack of information regarding firepower appliances. For example you can find many things about ASA with SFR, but nothing about physical Firepower appliances. Thats why i have two questions:Can we replace our proxy with Physica...

ASA 8.0(3)6 DMZ configuration example?

Accidentally, I have to implement a DMZ configuration on an outdated and unmaintained ASA 5510 firewall (ASA version 8.0(3)6, ASDM version 6.0). After diving into the manual and some forum posts, I've learned that there was a major CLI syntax change ...

10G interfaces on the IPS SSP-40

We currently have an ASA 5585-X with an SSP-40 as well as an IPS SSP-40. There is currently no IPS functionality in use, the IPS SSP-40 was bought for a future project. Another administrator is under the impression that we can not use the 10G inter...

ASA 5505 Version 8.2(5) Commands to enable port forwarding

I am needing assistance with the command(s) needed to enable traffic from the outside interface using port 8181 to a device behind the firewall. The outside (public) interface is using ip address 66.76.160.79. The device that I need to access behind...

WLC & ISE FIREWALL CONFIG

Hi We have a new WLC with ISE. We can see the laptop connecting to the WLC & ISE as well as on the firewall. On the laptop (in cmd) I can see via ns lookup 8.8.8.8. However when I open a webpage on the laptop i get a 'unable to connect'. In the ...

ASA 5505 only hitting implicit rule

Hello everyone, In my lab environment I have set up a cisco asa 5505 firewall for testing purposes. Got some things working, but I cannot get past the implicit deny rule: I make rules to permit http traffic between interfaces, but the firewall keeps...

ASA Service-Policy: drop count

1. With Modular Policy Framework, what is the meaning of the drop count? See below output of a SFR policy. 2. Does it represent packets that were dropped by the ASA prior to being punted to SFR? 3. If the ASA is dropping those packet, what would be ...

Network Security

Forum Posts

8.4 NAT behavior

ASA5515X NAT/PORT Forwarding failing for ports 8088, 8090 and 61616

ASA secure copy (scp) from unix not working ?

How to save config in asa5515-x firepower?

Resolved! cisco asa security levels

Resolved! Cisco ASA vs 1941 ?

Rule creation information

Resolved! ASA 5510 intial setup???

Resolved! Physical Firepower

ASA 8.0(3)6 DMZ configuration example?

10G interfaces on the IPS SSP-40

ASA 5505 Version 8.2(5) Commands to enable port forwarding

WLC & ISE FIREWALL CONFIG

ASA 5505 only hitting implicit rule

ASA Service-Policy: drop count

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

key advantages of cisco 1220cx Over fortinet firewalls

How to Modify Content-Security-Policy (CSP) for FTD Remote Access VPN

IPsec session (Phase 2) hang. Cisco Secure Firewall (Firepower)

Change Syslog Port Cisco FirePower Management Center

CSCwb82223 - Multiple faults for blades 2 on 4115 with 1 SSP installed

ASA 5516X keeps crashing/restarting

FMCv Licensing

FMC 1000 to HA FMC 1600: Upgrade Strategy & CUFA to ISE-PIC Migration

ASA VPN policy based on AD groups

Which license do I need for the PLR process for a FPR 1120