1. do "hw-module 1 reload" to reload IPS cause failover that make ASA02 become active if ASA01 originally is active? 2. is this command "hw-module 1 reload" only can apply to active unit ? in another words, if i type this command in secondary unit ...
Hello everyone, and thank you in advance for your help. I am having an issue where we are migrating from an ASA 5505 to an ASA 5510 and the software versions are quite different as well so they handle VLANs differently. The 5505 (SW Version 8.0(3)...
Hi AllWhile troubleshooting another issue I saw that the MSS of the webservers that I host behind my ASA is 1380. LAB-ASA# sh run all | inc 1380sysopt connection tcpmss 1380LAB-ASA#Then I noticed that the MSS of webservers like amazon.com and cnn and...
Hi All, I have a branch ASA 5505 with a VPN tunnel over a T-1 WAN to the data center, which has a centralized internet pipe. Branch ASA 5505=========VPN TUNNEL===========Data Center ASA 5520=====Internet Pipe I am trying to roll out hierarchical prio...
Hi guys I have a situation when used ASDM to configure the firepower module on the ASA 5506-X.I create a object to filter a URL for example, cisco.com, but when I put that on my policy, the firepower doesn't do anything and the traffic flow is normal...
I am currently using interface based ACL's and during my configuration of HSRP I had to allow my secondary routers IP to multicast to the address of 224.0.0.2 and just the same on the secondary one for the IP on the primary router. If I convert to a ...
I need to know why traceroute command through Cisco FWSM with dynamic PAT does not work.I can only make it work with a non-translated IP or with static NAT.Is this a bug or it just does not work? Cisco FWSM Firewall Version 4.1(15). Thanks a lot,Jos...
I'm trying to figure out if it is possible to configure an ASA cluster (with spanned etherchannel) when the firewalls connect to third party switches configured as a single virtual switch (similar to VSS but not VSS). Since the spanned portchannel "s...
Hey Im migrating a large 8.2 configuration and there is a lot of cleanup and manual labor since the converted configuration is a mess. I somewhat think I understand "proxy arp", but when testing for example a web server nat'ed from a dmz or somewhere...
NA
Hi, i'm trying to establish a HTTPS connection to my ASA from another "site" in packet tracer. I can ping across the sites and into the "inside" network of the other site but cannot HTTPS into the ASA or the web server itself also. Here is the config...
I have lost management access to about 10 ASA5505s all within past few days. Of about 20 or so, half of them are unreachable via SSH or HTTPS. The firewalls are up and operational, including the VPNs to the central data center. I can ping them just f...
Hi community I've got a FireSight 6.0 VM with 4 FirePower modules enabled from four ASA 5506-X devices. They are all updated to FirePower 6.0 and in FireSight I have an activated license: Under device management for a FirePower I still cannot sel...
Hello all, I have installed Cisco CSM Server 4.9 as a software on my customer's Windows Server 2012 (henceforth called as the "host"). I can login on the host using RDP and that too using my AD account as given by the customer. I do not have any acce...
I want to test connectivity on udp port 500 on other side how could i check whether udp port 500 is up or not what command used on cisco router and ASA?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
| Subject | Author | Posted |
|---|---|---|
| 10-21-2025 10:19 AM | ||
| 10-21-2025 08:39 AM | ||
| 10-21-2025 07:22 AM | ||
| 10-20-2025 11:50 PM | ||
| 10-20-2025 02:11 PM |
| User | Count |
|---|---|
| 18 | |
| 6 | |
| 3 | |
| 1 | |
| 1 |
