Network Security

ASA 9.1 NAT Issue

Hi guys,Strange NAT issue on my ASA 5512 (9.1). I have a site to site VPN set up between two sites and have configured multiple NAT exemption rules and a dynamic NAT rule, NAT'd traffic is for any traffic not exempt. Testing to the remote-network was...

Failover tracking interfaces show Unknown (Waiting)

On our ASA 5545 Cluster, Software Version 9.1(4), the Failover Tracking Interfaces show Unknown (Waiting). When the ethernet cable is pulled on one of the tracking interfaces of the active ASA, failover does not happen.ASA1# sh failoverFailover OnFa...

Resolved! ASA 5520 - Can not change default route.

HiMy asa is sitting behind a router the next hop from the ASA to the router is 10.0.0.5 I have tried to change the default route to route DMZ 0 0 10.0.0.5 to no availability right now the default route is (S* 0.0.0.0 0.0.0.0 [1/0] via 172.16.8.20,...

asa ios upgrade gotchas

Hello Guys,I need to upgrade our ASA 5580 from 8.4(4)1 to either 8.4(7) or 9.1. What are the gotchas when upgrading to either of these IOS versions?Thank you for assistance.

Resolved! Advice on upgrading ASA 5510 from version 8.4(4)1

Hello all, Due to an issue we need to upgrade our ASA. Cisco Support team recommended upgrading to version 8.4.7, but, as we'll upgrade, we'd like to upgrade to version 9. We still use Cisco VPN Client for Remote Access VPNs so I'd like your advice ...

Resolved! Cisco CX Configuration

Hi,I would like to configure an ASA CX software module (ASA 5515X on an secondary internet network for my guests.I have setup the initial configuration, i can connets to asdm prsm (single mode), I have installed licenses but I cannot see any events.I...

Resolved! ASA stuck on Rommon when reloaded

Hey all, it seems no matter what I do my ASA 5510 is always on rommon mode after every reload. If I type in boot, it comes up fine with no errors but after I reload, it comes back to rommon. I wiped my configuration and using the default config and s...

Resolved! Can't reach internet through ASA

Hi everyone,I'm trying set up ASA in test lab and have issue witch internet connectivity. Since it's my first experience with this device I've followed documentation and think everything is configured correctly. I can reach internet from ASA's outsid...

Strange NAT behavior

Hi Guys,Can someone explain me why this is happing for this configuration? I have NAT statement for 10.231.7.128 255.255.255.192 subnet. Which should translate/PAT everything going from inside interface to dmz2 with the dmz2 interface (check config)....

NAC Agent won't pop-up to offer login

Hello,I have a Layer 3 Out-of-Band Real-IP-Gateway deployment using VLAN ACL.How come some endpoint won't pop-up? I have made sure the Discovery Host points to the untrusted interface.It looks like the static route added don't do anything.Please advi...

Resolved! Can't get past ASA to internal hosts

Hello,I have a strange issue on my home LAN. I have a front end router connected to my ASA 5505, which in turn connects my internal LAN. (I have attached a diagram since there are several components). I recently upgraded my 1841 router to an RV-32...

Cisco WebSTAR DPC2100R2 Needs Firmware Update.

I have a Cisco WebSTAR DPC2100R2. It is currently running software version v2.0.2r1256-060303The newest revision of the firmware I have documentation on is dpc2100R2-v202r1256-100324asThe new firmware is needed for this modem because of a security g...

Problem with routing voice isp

Hi Guys,I want to add a SIP trunk on my existing network. My ISP offers me on there switch 2900 with a single IP which i have to lead to my 3cx configuration on a HyperV. What configuration do I need to make, to route the voice via the separate voice...

Resolved! NAT/ACL issue on 5525-X

I am new to the Cisco firewall world (coming from Netscreen/Juniper) and am working on getting my 5525-X with the IPS setup and functioning. I am just about there but unable to get FTP through the firewall to work as a test of my NAT/ACL configurati...

IPS for ASA 5500-X Series Question

Hi,I have few question on ASA 5500-X and Integrated IPS, like ASA5555-IPS-K9:1. What is the next gen firewall IPS feature on ASA5500-X without the additional IPS module? What is the difference between having only a next gen firewall ASA 5500-X versu...

Network Security

Forum Posts

ASA 9.1 NAT Issue

Failover tracking interfaces show Unknown (Waiting)

Resolved! ASA 5520 - Can not change default route.

asa ios upgrade gotchas

Resolved! Advice on upgrading ASA 5510 from version 8.4(4)1

Resolved! Cisco CX Configuration

Resolved! ASA stuck on Rommon when reloaded

Resolved! Can't reach internet through ASA

Strange NAT behavior

NAC Agent won't pop-up to offer login

Resolved! Can't get past ASA to internal hosts

Cisco WebSTAR DPC2100R2 Needs Firmware Update.

Problem with routing voice isp

Resolved! NAT/ACL issue on 5525-X

IPS for ASA 5500-X Series Question

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application

Disable checking of SIP traffic on FTD via FMC