Hello guys I need your help, We are using a virtual asa for vpns user, thats ok, works fine, but I don´t have a permanent licence yet, mean while Im using a demo licence and this expire tomorrow, Cisco give another demo for 30 days si... this my q...
I am working on creating ACL to lock down our VLANs. I am running into some issue though. These are outbound ACL'sHere is my ACLip access-list extended veneer-75remark permit KaceSMA agent accesspermit tcp host 192.168.210.70 10.2.75.0 0.0.0.255 eq 4...
I have already configured one of my ASA with Azure SAML SSO authentication. My second ASA is having the following error: authentication failed due to problem retrieving the single sign-on cookie when connecting to AnyConnect. I have verified certs, c...
I have a static route on my ASA5545X I need to remove. It points to a remote network through a downstream gateway.When I do a no route inside 172.31.150.0 255.255.255.0 172.25.36.1 I get the message: cannot remove connected route There is a command t...
See this message on the FTD when looking on FMC. Will clicking the re-enroll certificate cause any issues?
HiWe ahve FTD2100 and have different security zones what is the purpose of interface groups and are they needed, i just created x2 new sub-interfaces and security zones but havent created interface groups there are other interfaces with groups, is t...
I have the following ACL. For the most part everything is working in the ACL as it should be. The problem is that even though 192.168.203.0 is permitted, I still get denies in the logs. The logs will be below the ACL. We switched from TCP to IP in th...
using Cisco Firepower 2100 ASA Platform Mode. You want to change the mgmt IP on the fxos for NTP Sync. In the Cisco Firepower 2100 ASA Platform Mode FXOS Configuration Guide, it says to change the MGMT IP in both FXOS and ASA, is this correct? If s...
Hi all,What is probably a simple question, but wih a HA pair, how can I configure the ASA's to be able to access the secondary unit ? Should I simply be Telnetting / SSHing from one to the other to the Failover address ?
How will I verify that which policy is currently active for incoming traffic received from Dmz ?I will need to move internal traffic which is coming from Dmz to another firewall. Please advice
Hi, we have below architecture in which routing between different firewall take place via Internal firewalls only. We have used the core switch only to create VLANs and Connect to access switch. We also have Internet firewall which is connected to co...
Hello everyone, I am migrating from an ASA 9.8 (4) 29 to FMC 6.7, but when migrating with the FMT tool it gives me the following error: Blocked charmap I am importing the configuration through a txt file.If someone has had this error, I would be ve...
Hi,I want to add a new VPN Client via Devices -> Remote Access -> VPN -> Advanced add Client.When I want to deploy it I get the following error :rsync based file retrieval failed with exit code10The firewalls we have are two 1140's running in HA.Anyb...
Hi, Can we configure the trunk port on Cisco FPR-2110 to communicate with Cisco 9300 series switches? I want to use Cisco FPR-2110 to allow routing between vlans after trunk port configuration.
We use Rsyslog and LogAnalyzer as our Syslog collector. All our routers/switches/firewalls send Syslogs to Rsyslog. We would like timestamps in the log payload and this works fine for routers and switches, but Rsyslog cannot recognise the timestamp o...
