Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from Wednesday, March 4, 2026 through Wednesday, March18 2026. Our Experts Ike Chon, Scott Nishimura, Annya Martinez Foster, Jyhan Ocana Casillas, Eder Pacheco, Willi...
Forum Posts
Hi Team,How can i configure MAC Address to IP Address Binding on Cisco ASA FW? I am migrating Domain controller to Cisco FW, i have configured DHCP and DNS on it. Now I have 7 IPs which needs to be configured on MAC address on this FW.
Hi, We have problem with Teams when connecting in vpn . I would like to configure my vpn anyconnect to be split tunneling (exclude teams traffic only). I saw a few configuration suggestion on that some with Python script and some with dynamic exclu...
Hello!I'm using Arctic Wolf for security scanning, and they're telling me that port like 135 and 3389 are open. I have an externally accessible server with 1 to 1 NAT setup, then my ACLs only permit web traffic. When I do a packet capture, and try to...
The web server service running on this switch appears to create it's Access-Control-Allow-Origin response header based on the user-supplied Origin value. I am needing to include the “Vary: Origin” header to prevent caching. But I don't know where ca...
I am working trying to limit users to certain sites within a domain using manual url filtering.I have a rule that blocks discord.com which worksI do want users to be able to access certain channels within discord.source: internal networkdestination: ...
Hello Team, I have been through lots of Cisco FTD Docs and cannot find the answer, trying not to raise a TAC case for this if it can be avoided. Does anyone know if you can modify the SSH cipher on FTD by editing "/etc/ssh/sshd_config" on Cisco FTD 2...
The default routing for the backbone is the firewall. When I send packets from SW1 to SW2, I want to go through the firewall. Any ideas?
Folks,Can you tell any difference between command "crypto key generate rsa .. 4096" and "crypto key generate rsa modulus 4096" Thanks
Hello,I have an ASA5516 that i want to temporarily run two IPSEC site to site tunnels so we can start setting up a new data center while waiting for our SDWAN equipment. One tunnel to our current data center (CoLo) subnet and DMZ (running an ASA5505)...
Hey all,This is actually my first post and was looking for some help with my new Snort install on my server. I am noticing that my logs are becoming inundated with ICMP Connection Tests and am looking for a way to suppress these:09/15-13:37:57.28752...
Hi all,I have set up an ASA firewall 5506x on packet tracer connected to a Multilayer Switch. I have configured ICMP to allow ping through + for the firewall to inspect icmp (through the use of Access-list permit icmp any any + policy-map global poli...
I have created security intelligence block list but sometimes it allows the connections like the one highlighted and it is identified as attackers. Is that because the intrusion policy is set to detection not prevention?
Hello , I have a question regarding the radius config on the Cat 9k switches. Device(config)#radius server <server-name> Device(config-radius-server)#address ipv4 10.1.1.1Device(config-radius-server)#key cisco123 Should the name of the configured rad...
Hi , I was wonder to get proper documents and answer for -Does ASA5525 and ASA5525 has compatibility with SF-FMC-VMW-10-K9 ?Anybody can help me please ?
Resolved! FDT 1010 Firmware update - Help
Dear, good afternoon. I have an FDT HA model 1010. I have Firmware 6.4.0 and I must update to a new version. The question is should I update each one of the nodes or do I throw the firmware to the secondary and both are updated? Do you have any docum...
