Network Security

How to permit for nmap scan to ASA

Hi All,If need to nmap scan for security Can i some ACL command for permit nmap scan to ASA for tcp22/443. Ex. access-list NMAPSCAN extended permit ip host <ip-nmap host> host <IP Interface Firewall>access-group NMAPSCAN in interface <interface-name...

Resolved! firewall and Packet Filtering in WAN infrastructures

Hellohow to implement firewall and Packet Filtering in WAN infrastructures ?what are the technologies to allow us implement the firewall to secure wan technology ?Does SD-WAN technology implement firewall and Packet Filtering?i wait a reply from expe...

Resolved! Cisco Firepower VS Fortinet SDWAN

Is Cisco Firepower (DVTI and PBR w Path monitoring) equivalent to Fortinet SDWAN?

Access list isses on VTY lines

Hi I was hopeing some one could explain how to do this.I am trying to restrict my core switchs (4506's) to only accept incomming SSH and Telent (managment) traffic that is directed to a single ip interface.I thought I could do this by placing a acces...

Resolved! Zone-Pair depreceated in ASA Firepower?

HejI am trying to configure ASA FPWR 1150 (Version 9.16) with Zone based security.I have been trying to find CLI based examples for it but all of them seems to be for IOS based. I can create a zone and apply interfaces to a Zone. However, the "zone-...

client behind ftd cannot reach other subnets on FTD or

Hi,I have setup a test lab where i have a host behind FTD. In FMC i have setup a nat rule and an ACP and rule with correct settings .. for some odd reasons the client cannot reach internet. in packet tracer all is good and result is allow. The clien...

The published server entry has disappeared ASA 5506X

We created a public server in ASDM for Exchange Server, published the smtp and https service. After some time, this entry disappeared. In the access rules, the access sheet and nat entries for were also created, but they are in the same place. Where ...

Resolved! IPS engine

Helloi want to know how IPS engine can cover :Antivirus , web filter , EMail filter , control d'appkication ...? second question :what's differnce between IPS engine and IPS sensor ? I wait a reply from expert security Thanks

Resolved! Cisco ASA - Migration from a single physical interface to Port-Channel

Hello Cisco Community, I have a Cisco ASA Firewall and I need to migrate one of the inside interface from the current Gig0/2 interface to a new Port-Channel using also this same interface. Here is an example of my current setup: interface GigabitEthe...

Resolved! v7.x Netflow to remote collector ?

I have a bunch of FTD's around the globe all managed by FMC, they are v7.x code. The ones local to the Netflow collector (as in same subnet address range) work as expected, the ones in remote locations don't.The ASA's they replaced used to send Netfl...

Resolved! Cisco ASA via ASDM using NAT RULES

Hi everyone,this is my scenario,how can I do that over cisco Asdm gui or cli,Could you help me please?;-I want to route the packets coming from the 10.120.0.0/16 ip my source vlan eca to the 10.150.11.4/32 and 10.160.11.5/32 ip to the 172.10.10.1/...

Resolved! Firepower 1140 does not have enable mode

Full disclosure, I am a Juniper guy But I've inherited a cisco 1140 firepower ASA firewall appliance. All the docs I'm reading seem to indicate I should be able to ssh in (I can) and then run enable to be able to make config changes(i can't). Ther...

FirePower 1010 hardware failures?

I recently installed a HA pair of FirePower 1010 devices running ASA software.After working out how to enable the license tiers and Security-Plus feature they were working OK and I tested failover several times as well as upgraded the software to the...

Resolved! Is the firepower, deploy button being inactive a license issue?

In 2021, I completed the installation of Cisco Firepower 2110 NGFW in a project and the license period was 1 year. In 2022, the license expired but my device continued to work. yesterday suddenly the internet went out, even the changes I made on the ...

Security Intelligence in comparison with DNS policy

Hi to all ,i am in the phase of implementing Security Intelligence to an FTD, and i noticed that there are numerous URLs that can be blocked via Security Intelligence when it is activated.For example i noticed that there are (currently speaking) 2044...

Network Security

Forum Posts

How to permit for nmap scan to ASA

Resolved! firewall and Packet Filtering in WAN infrastructures

Resolved! Cisco Firepower VS Fortinet SDWAN

Access list isses on VTY lines

Resolved! Zone-Pair depreceated in ASA Firepower?

client behind ftd cannot reach other subnets on FTD or

The published server entry has disappeared ASA 5506X

Resolved! IPS engine

Resolved! Cisco ASA - Migration from a single physical interface to Port-Channel

Resolved! v7.x Netflow to remote collector ?

Resolved! Cisco ASA via ASDM using NAT RULES

Resolved! Firepower 1140 does not have enable mode

FirePower 1010 hardware failures?

Resolved! Is the firepower, deploy button being inactive a license issue?

Security Intelligence in comparison with DNS policy

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application