Hi there,is it possible on the ASA to apply PBR on a NAT interface? PBR is matched by port that is not changed by NAT.
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,528) -
Cisco Bugs
(32) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(140) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(7) -
Cisco Secure Firewall Management Center (FMC)
(33) -
Cisco Secure Firewall Threat Defense (FTD)
(53) -
Cisco Security Cloud Control
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(43) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(258) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(26) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,570) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(2) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,559) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,771) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(628) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(42) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Resolved! ROMMON ASA 5516-X
Anyone have any ideas why I can't get into ROMMON ? Cisco Systems ROMMON, Version 1.1.13, RELEASE SOFTWARECopyright (c) 1994-2017 by Cisco Systems, Inc.Compiled Mon 10/16/2017 17:54:58.29 by wchen64Current image running: Boot ROM0Last reset cause: Po...
We have an HA pair of 2140 FTDs running 7.0.4 managed by an FMCv also running 7.0.4. We've had PBR configured since April of last year, which is allowing us to migrate to a new edge network with new Internet routers and set of ISPs running BGP. As we...
Please see attached image.Are these ACL entries indented only because the CLI presentation wanted to help the user see which ACE's have object groups?Are the object-group ACE's in any way related to the indented ACEs that follow it below?Thank you.
Resolved! ASA ipv6 6to4 or 6to6 nat ?
I have several sites connected via L2L tunnels with both ipv4 and ipv6 active but all traffic come through site1. for ipv4 I do object network obj_anysubnet 0.0.0.0 0.0.0.0object network obj_any6subnet ::/0 serverFakeIPSite1 192.168.100.1serverPubIPS...
Hi All, I am looking for information around maximum supported rules/Policies on a Cisco 9300 Firepower appliance (with SM 40).Couldn't find this information in the documents. please help point me to link where this information is available. #Firepowe...
Resolved! ACL logic, please confirm.
ACL logic, please confirm.On an ASA 5525..."access-list inside_in extended permit tcp host 172.16.0.2 host 1.1.1.1 eq 2222"Is the following a true statement?... "Host 172.16.0.2 using source port 5678 and destination port 2222 will be able to send, a...
Hi,What is PID when we try to integrate with Cisco API's to auto download Broadworks patches or binaries?Regards,
Resolved! route inside 0.0.0.0 0.0.0.0 tunneled
Hi Everyone,On ASA which is running RA VPN.Why we will use this command route inside 0.0.0.0 0.0.0.0 x.x.x.x tunneled?RegardsMahesh
Hi, I and team are trying to consume the Cisco API's to auto download Braodworks patches or binaries. It seems the Product ID is needed to successfully integrate with Cisco API's. Can you please let me know where can I find the Product ID? Reagrds,
Hi All,We are planning to manage the FTD over internet facing interface via FMC. May i know the risks involved in managing the FTD over internet facing interface please.Interface will carry both Internet traffic and management traffic.Regards,Sanjay ...
Hello Guys, I have a very weird issue, I need to deploy 2 fpr1010 but I can't do it because I don't know what this device is doing.I tried several things but no luck. I try to manage it locally no cloud management is applied since no net. My connec...
Hi All,I have few pairs of the NGFW and have recently change the passwords on them via the "configure user password admin" command..does anyone how to save the config/changes via CLI... or is auto saved? models are 2140 2130 2120 running 7.0.4Thank ...
Hello,a vulnerability test detected "TCP Sequence Number Approximation Based Denial of Service" vulnerability (CVE-2004-0230) on a ASA 5506.The ASA should be running on 9.8(2).How do I find when (what firmware version) Cisco fixed the vulnerability?
UPDATE: I finally got it registered after deleting the pending manager in FTD and did a reboot of FTD as well...The only conclusion I got is I might have entered reg key incorrectly... ============ It is first time I am trying to register a FTD to CD...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 09-08-2025 11:51 PM | ||
| 09-08-2025 04:50 AM | ||
| 08-29-2025 08:17 AM | ||
| 07-16-2025 04:21 AM | ||
| 07-06-2025 01:40 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 7 | |
| 6 | |
| 3 | |
| 1 | |
| 1 |
