Dear All,On our ASA(9.18), we are running OSPF and BGP, and are redistributing BGP routes into OSPF.We want the redistributed routes to be tagged with a custom route tag. However, on ASA there is no option to tag routes using set command under route-...
Dears,I have asa-5525x with Firepower services including a URL filtering license and I have the below issue:consider a website (xyz.com) with a couple of youtube videos embedded inside it, is it possible to allow only youtube videos that have been em...
Hi Folks, In a plan to upgrade my ASA, ASDM and FMC, below are the current versions Cisco ASA 5525: 9.12(4)37, ASDM Version: 7.13(1), FMC : 6.5.0 Looking for ASA-FMC compatibility matrix
Hi Team,How can i configure MAC Address to IP Address Binding on Cisco ASA FW? I am migrating Domain controller to Cisco FW, i have configured DHCP and DNS on it. Now I have 7 IPs which needs to be configured on MAC address on this FW.
Hi, We have problem with Teams when connecting in vpn . I would like to configure my vpn anyconnect to be split tunneling (exclude teams traffic only). I saw a few configuration suggestion on that some with Python script and some with dynamic exclu...
Hello!I'm using Arctic Wolf for security scanning, and they're telling me that port like 135 and 3389 are open. I have an externally accessible server with 1 to 1 NAT setup, then my ACLs only permit web traffic. When I do a packet capture, and try to...
The web server service running on this switch appears to create it's Access-Control-Allow-Origin response header based on the user-supplied Origin value. I am needing to include the “Vary: Origin” header to prevent caching. But I don't know where ca...
I am working trying to limit users to certain sites within a domain using manual url filtering.I have a rule that blocks discord.com which worksI do want users to be able to access certain channels within discord.source: internal networkdestination: ...
Hello Team, I have been through lots of Cisco FTD Docs and cannot find the answer, trying not to raise a TAC case for this if it can be avoided. Does anyone know if you can modify the SSH cipher on FTD by editing "/etc/ssh/sshd_config" on Cisco FTD 2...
The default routing for the backbone is the firewall. When I send packets from SW1 to SW2, I want to go through the firewall. Any ideas?
Folks,Can you tell any difference between command "crypto key generate rsa .. 4096" and "crypto key generate rsa modulus 4096" Thanks
Hello,I have an ASA5516 that i want to temporarily run two IPSEC site to site tunnels so we can start setting up a new data center while waiting for our SDWAN equipment. One tunnel to our current data center (CoLo) subnet and DMZ (running an ASA5505)...
Hey all,This is actually my first post and was looking for some help with my new Snort install on my server. I am noticing that my logs are becoming inundated with ICMP Connection Tests and am looking for a way to suppress these:09/15-13:37:57.28752...
Hi all,I have set up an ASA firewall 5506x on packet tracer connected to a Multilayer Switch. I have configured ICMP to allow ping through + for the firewall to inspect icmp (through the use of Access-list permit icmp any any + policy-map global poli...
I have created security intelligence block list but sometimes it allows the connections like the one highlighted and it is identified as attackers. Is that because the intrusion policy is set to detection not prevention?
| User | Count |
|---|---|
| 10 | |
| 7 | |
| 5 | |
| 2 | |
| 1 |
