FTD 2140 running 7.0.5I need to allow ICMP from outside to an inside server. The requests make it through the FTD's and the log on the server shows it receiving and responding. The Analysis on the FTD never shows the reply and the initiating device...
Forum Posts
We have a 5585 pair in active/standby. Each 5585 is directly connected to a Nexus 7k. The 5585's failover link is directly connected via 10g fiber between buildings. I have two new FP4125's that I have created a logical ASA on each one, copied the co...
Hi team,have a question regarding access rules.how come if any any eveyrhting works fine.however when i want to allow lets say connect to facebook, and everything else disable so i put source(inside) network(any-ipv4) ports(any) destination(outside_z...
Hello,I'm attempting to copy an image file to an ASA firewall using FTP. I have an IIS FTP site on a Windows 2019 server. Basic auth. No SSL. I have a local Windows account created which has modify rights on the root folder of the FTP site.My com...
ISE 3.1 Cisco c3850 switch a VMware guest win10 domain PC A VMware guest windows 2016 server a Yubikey 5c NFC hello, im trying to use Yubikey 5c as a PIV to ssh to a switch. The switch successfully logs in use ISE TACACS+ with AD credentials (user...
Hi,I've configured an ASA 5506X with 2 VTI tunnel interfaces to a cloud provider, and I'm getting asymmetric routing (which is to be expected at times). Now, the issue I would like to solve is to tell the ASA to be able to perform stateful inspection...
Hi guys,I have FTD(active and passive ver 7.0.1) managed via FMC ver 7.0.1.I have configured the syslog server in FMC to forward vpn logs to the syslog servers.i am not seeing any vpn logs in the syslog server. I want to know how i can identify the l...
hi, the current deployment i have is the NGFW which is in routed mode so i can use as gateway for all inside subnets. it connects to the ISR router before its connect to the public internet (connection between NGFW and ISR router still private networ...
is it possible to use airespace acl in ISE authorization profile for anyconnect vpn on cisco ASA
I uninstalled Cisco from my Mac, but I am still getting the Cisco AnyConnect Secure Mobility Client Notification window popping up every time I start my computer. The window tells me that the extension has been blocked and tells me to go to my Securi...
Hello, We have an ASA 5515, when our uses use the VPN they can access the local file servers just fine. But when they browse the internet they use their home internet, from what I understand this is split tunneling. Unfortunately, we have a website...
Hi,I have task of deploying 25-30 FPR1010 managed from FMC.Is there an easy way to clone/copy interface/subinterface setup from a standard device or do I really need to type in all the interface config via the GUI. The IP is of cause different but na...
Hello guys I need your help, We are using a virtual asa for vpns user, thats ok, works fine, but I don´t have a permanent licence yet, mean while Im using a demo licence and this expire tomorrow, Cisco give another demo for 30 days si... this my q...
Resolved! ACL Denies With Permit Statements
I am working on creating ACL to lock down our VLANs. I am running into some issue though. These are outbound ACL'sHere is my ACLip access-list extended veneer-75remark permit KaceSMA agent accesspermit tcp host 192.168.210.70 10.2.75.0 0.0.0.255 eq 4...
I have already configured one of my ASA with Azure SAML SSO authentication. My second ASA is having the following error: authentication failed due to problem retrieving the single sign-on cookie when connecting to AnyConnect. I have verified certs, c...
