Hi, I need to enable an ASA firewall to trust DSCP markings, I know on a switch it is 'mls qos trust dscp' can anyone tells me what the equivalent command is on an ASA? Thanks
I have two standalone asa5525-x firewalls, on both of them the show version command shows failover license as active/active. Can I uses these two to make a active/standby failover pair?In ASA what are the failover license types? Is it different from ...
We recently purchased (2) ASA 5515-X with a 3 year IPS only license. The Firewalls are setup and working as expected, I have also completed the basic configuration of the CX module and applied the IPS license. Can someone point me in the direction o...
Hello,This concerns a ASA 5512-X.I've got two subnets:- the management one: 10.10.0.0- the internal one: 10.10.1.0I've configured the 'management access' that these addresses can access the ASDM. However I'm not able to connect to the management one ...
I'm having a strange issue with ASA 9.3.1 on 5515-X.A vpn device is connected inside LAN and is natted to 2 different public IPs. The problem is that when the primary isp fails and comes back, the remote side is unable to connect to the vpn device th...
Hello all,I'm not understanding why my initial NAT configuration does not work. Here's the goal: we have a site with only one external IP address. At the site we have two web servers that do not have a default gateway. We access other servers at t...
I've been trying to figure this our for a while now looking everywhere, so I'm not sure if I am missing something or just not phrasing my search criteria properly:Guests on the mobile guest network are unable to connect to the exchange server via the...
Experts,I have used migration tool for FWSM configuration and successfully migrated the configuration and uploaded to the ASA module in a test environment , when i was verifying the configuration there many many access list were missing from my produ...
Hi all, I have an object-group (OBJ-Customers) with multiple other object-groups (OBJ-client01; OBJ-client02...etc).When I was adding a new object (OBJ-client0Z) to the main OBJ-Customers, every access-list that had OBJ-Customers got deleted. Now, wh...
We have a guest wireless network configured that grants internet access only to users. The guest traffic is coming from a port on our 5508 WLC directly to the "guest" interface on our ASA 5510 (security level 50). The clients get DHCP from the WLC an...
Good Evening, I was wondering if anyone has been able to block Spotify as an application yet using the CX module? The issue I have is that although users can't download the application, if a user comes in with the application already installed they a...
I inherited an ASA with a new customer. I can connect using CLI, but would prefer ASDM. I have tried to make the changes to the config and to me it looks like it should work, but I am missing something. When I connect to https://XXX.XXX.183.202 , I...
Our Management Provider is requesting for ASA5500 IPS license file to be uploaded to our ASA. We have already renewed our firewall contract with Cisco. Is this not automatic?
HI How do we enable inspection traffic for h.323 and SIP on my Cisco ASA 5500 (ASA Version 8.4(7)3) via Cisco security manager (4.7).We have other traffic inspection enable currently. We know the process via CLI would like to do it via CSM due to or...
Hello all,I just set up a read-only profile for my ASAs. However, I'm not able only to use the function "Built Filter" in "Real Time Log Viewer". As you can see the attached image, I can't see the OK button.I'm using ISE, thus, the solution is setup ...
