I would like to setup sort of a single source of truth for time on the network. Our WatchGuard box at HQ already has pool.ntp configured on it and our servers are then getting NTP data from the WatchGuard. I'd like to also have the ASA 5525, who is...
Forum Posts
Hello Everyone,We are implementing the 802.1x authentification in our network and everything works quiet well with CIsco phones. The challenge we have is with NO Cisco devices . Please find below the list of devices we have in our organizatiion. Télé...
Hello.My task is to investigate IDS/IPS solutions for my enterprise.QUESTIONS:1. ASA "Firepower" technology-- can this solution be implemented with only one ASA running Firerpower, or is an additional server needed?2. This solution requires Firepower...
With Prefilter Fastpath, traffic bypasses inspection and is basically fastpathed out of the ftd device into what you may call a "toll bypass' hardware lane of some sort.With Prefilter Analyze the traffic does not bypass inspection....the question is ...
Is there any way that Snort can still block or drop a packet/traffic even if i already added a prefilter policy that sets as any any network and with fastpath? Also i have disabled all my access control policy except for default ACP that is set to "T...
We use the Cisco Firewall Migration Tool 5.01 on a MS Windows Server and cannot start the the tool. Error message: [INFO | cco_login.py] > EULA check for an user DEBUG | common.py] > session table records count:1[INFO | common.py] > Telemetry push : ...
HiI have a Cisco ASA 5506-X version 9.9(2)85, perpetual basic license with two WAN links - Primary (PPPoE to VDSL bridge) and Secondary (4G LTE modem/bridge).Although the 4G LTE modem/bridge is a L2 device, it has a mangement IP address which is reac...
Hi Cisco Community Right now we have an issue to migrate routing from Sonicwall to Cisco FMC VM as we found out that sonicwall can configure different Interface in one routing policy as per below. DMZ use X1 interface IP but gateway use X4 interface...
How to download all hashes stored on firepower management ?
Hello,Can't create NAT to inside from outside(pppoe) cause acl-drop in packet-tracernat (outside,inside) source static any any destination static interface TAAAS unidirectionalinterface GigabitEthernet1/1nameif outsidesecurity-level 0pppoe client vpd...
Hello,I have bypassed the sqlnet inspection, in packet-tracer phase 3, it shows that it is bypassed:Phase: 3Type: CONN-SETTINGSSubtype:Result: ALLOWElapsed time: 3794 nsConfig:class-map oracle-tcp-bypassmatch access-list oracle-tcp-bypasspolicy-map g...
Hello Community.I am exploring Clientless SSL VPN and i implemented smart tunnels and port forwarding.I want to explore how those options work by understanding how the traffic flows from the client to the ASA.I am looking for examples with the TCP/IP...
Please HELPI encountered this error after UPDATING the system from version 6.6.1 to 7.2.5Now it says that there is no access to the Internet, although all users have accessWhat can be done?
Hi all,I would like to address a question that I could not find the answer in the documentation. We have a Cisco FTD and we are asked to add an IP to the global black list. We are also using CIsco Security Intelligence. How can we check if the IP is ...
