I have two FTDs, one with one ISP and one with two ISPs, and need to have failover tunnels between them. The internet connection fails over with SLA monitor and different metrics. The site-to-site tunnels are set up as route based with two static VTI...
Forum Posts
I have three Subnets connected through a router in my LAN (Inside interface)route Outside 0.0.0.0 0.0.0.0 1x.1az.az.161 1route Inside 192.168.2.0 255.255.255.0 192.168.0.254 1route Inside 192.168.16.0 255.255.255.0 192.168.0.254 1route Inside 192.168...
Possibly a silly question, but I can't find the answer in the guides. On FTD with an Anyconnect VPN set up for remote access over the Internet. Anyconnect users get a private address assigned from a VPN pool as normal. Now when creating a ruleset to...
Hello, I am having a hard time finding Cisco's recommended or best-practice for this and so, maybe someone can help! We currently use an ASA with the Firepower service module. All traffic that is allowed on the ASA proceeds to be inspected by IPS. We...
Quick question please...CSR 1000v ACL syntax-- use wildcards or masks?Thank you.
I have a SG350 switch between a ESXi host and a PaloAlto firewall.I'm trying to use private-vlan but I cant get any traffic to work between them.Topology:ESXi - SG350 - Firewall(gateway)The configuration in short looks like this:ESXi;private vlan in ...
Hi All, We are facing an issue with the FPR 2130 network module 1G and 10G with version 7.2 onwards in FPR 2130We can see the network interfaces of FPR 2130 in built and Network module with version 7.0.4 but with version 7.2 onwards we can see only t...
For IPsec Site-to-Site VPN, is the Firepower 2100 running FTD code supported/recommended or should we stick with the ASA code running on the FP2100?
Have an ISPEC tunnel between an ASA and Router that will go down periodically and not be able to be brought back up and/or both sites can't reach each other unless the SAs are manually renegotiated on my end. Below is debug for platform/protocol 127 ...
Good Morning,Could someone please help me figure this out?I want hosts on 192.168.190.0 /24 (VLAN 10) to be able to have tcp communication with our screened subnet (VLAN 50) 172.20.33.0 /24 on certain ports, and blocking the rest with an ACL on the A...
Resolved! VPN Load Balancing on FTD
We are working on migrating our Anyconnect VPN services from ASA to FTD and have been reading there is native load balancing available on the ASA but not sure if it's ready/available on FTD. Also, we have Kemp load balancers that are possibly availab...
Hey gang:I'm updating my logging lists and would like to know if there is a list of syslog messages by event class (I found the list by severity level). If not, is there some way to identify the class by looking at the syslog message number?Thanks.
Hi, in the log messages for 302013, on outbound, is it possible to determine the source IP. Meaning who is the IP that initiates the connection? Or is the inbound/outbound indication + IP location in the message only indicating of the security levels...
Hi, I noticed something strange and wanted to share with the community and see if this someone has some info about this behavior. We have a daily Snort Rule Update set on the FMC ( probably not the best option - now I am thinking that weekly would be...
*This is branching from a previous post in a different section. After learning more I figured I'd ask the question in the correct section* Hi,I have a situation where these things happen, I'd try to describe it as thorough as I can.1: I can start a c...
| User | Count |
|---|---|
| 10 | |
| 7 | |
| 5 | |
| 2 | |
| 1 |
