Hi, in the log messages for 302013, on outbound, is it possible to determine the source IP. Meaning who is the IP that initiates the connection? Or is the inbound/outbound indication + IP location in the message only indicating of the security levels...
Forum Posts
Hi, I noticed something strange and wanted to share with the community and see if this someone has some info about this behavior. We have a daily Snort Rule Update set on the FMC ( probably not the best option - now I am thinking that weekly would be...
*This is branching from a previous post in a different section. After learning more I figured I'd ask the question in the correct section* Hi,I have a situation where these things happen, I'd try to describe it as thorough as I can.1: I can start a c...
We've just rolled out a new version of Anyconnect 4.10.0511 via SCCM, However some users' umbrella module has not been kept? We also have some build machines where we're not able to download the Umbrella module. We usually connect the machine to the ...
Resolved! tacacs configuration for FTD's via FMC
Dear All, we have a 2130 FTDs in high availability cluster (active standby) managed via FMC 4000. Firmware of both FTS and FMC is 6.2.3.6 with build 37. I need to configure the FTDs to get authentication via Tacacs (cisco ACS). I couldnt find exact...
I have over 1,200 firewalls to be managed and I can't find any documentation on the max number of network objects that can be created in FMC. I also need to know how many times a network object can be overridden. Any ideas?
Hi there,is it possible on the ASA to apply PBR on a NAT interface? PBR is matched by port that is not changed by NAT.
Resolved! ROMMON ASA 5516-X
Anyone have any ideas why I can't get into ROMMON ? Cisco Systems ROMMON, Version 1.1.13, RELEASE SOFTWARECopyright (c) 1994-2017 by Cisco Systems, Inc.Compiled Mon 10/16/2017 17:54:58.29 by wchen64Current image running: Boot ROM0Last reset cause: Po...
We have an HA pair of 2140 FTDs running 7.0.4 managed by an FMCv also running 7.0.4. We've had PBR configured since April of last year, which is allowing us to migrate to a new edge network with new Internet routers and set of ISPs running BGP. As we...
Please see attached image.Are these ACL entries indented only because the CLI presentation wanted to help the user see which ACE's have object groups?Are the object-group ACE's in any way related to the indented ACEs that follow it below?Thank you.
Resolved! ASA ipv6 6to4 or 6to6 nat ?
I have several sites connected via L2L tunnels with both ipv4 and ipv6 active but all traffic come through site1. for ipv4 I do object network obj_anysubnet 0.0.0.0 0.0.0.0object network obj_any6subnet ::/0 serverFakeIPSite1 192.168.100.1serverPubIPS...
Hi All, I am looking for information around maximum supported rules/Policies on a Cisco 9300 Firepower appliance (with SM 40).Couldn't find this information in the documents. please help point me to link where this information is available. #Firepowe...
Resolved! ACL logic, please confirm.
ACL logic, please confirm.On an ASA 5525..."access-list inside_in extended permit tcp host 172.16.0.2 host 1.1.1.1 eq 2222"Is the following a true statement?... "Host 172.16.0.2 using source port 5678 and destination port 2222 will be able to send, a...
Hi,What is PID when we try to integrate with Cisco API's to auto download Broadworks patches or binaries?Regards,
Resolved! route inside 0.0.0.0 0.0.0.0 tunneled
Hi Everyone,On ASA which is running RA VPN.Why we will use this command route inside 0.0.0.0 0.0.0.0 x.x.x.x tunneled?RegardsMahesh
