Hey all, I have 3 interfaces on a Cisco router, one points to LAN (GE0/1), another to DMZ (GE0/2), and the third one to WAN (GE0/0). Both LAN and DMZ ports are configured with IP NAT INSIDE and WAN is configured with IP NAT OUTSIDE. I have dynamic ...
Dear Community,I have a question about the ISE deployment sizing. We rolled out ISE in a fully distributed model (2x Admin Node, 2x Monitoring Node, 2x Policy Node). Each node is fully independent, no sharing of personas on any node. Now, we rolled o...
Hi All,On ASA 5000-X series , we have no sysopt connection permit-vpn configuredWe have multiple site-to-site IPSEC tunnel to remote location configured on outside interface.We also have many ACL entries on outside interface for incoming traffic incl...
The management system at our HQ reaches out to the inside interfaces of the branch firewalls through site-to-site VPN tunnels for both pings and SNMP, and on the firewalls running ASA firmware, we use "management-interface inside." Is there a similar...
Hello,I have two FP9300 devices and each of those boxes have an old security module - slot1 (two slots are empty).Multi-instance deployment is used + HA failover FTD pair was configured between both 9300 devices.Now I want to add a brand new security...
Good afternoon, I've hit a bit of a wall so I'm requesting assistance from the experts. I have a single router with interfaces Gi0/1.1 and Gi0/3 placed in IN-ZONE and DMZ-ZONE respectively. The Zone-Pair with source as IN-ZONE and destination as D...
Hi Everyone, Does anyone know how to force the Cisco ASA to ping tools.cisco.com using IPv4? The WAN/External interface has both IPv4 and IPv6 configured and when pinging tools.cisco.com from the ASA directly, it defaults to IPv6, see below for outp...
Hello all, I need your support. How to configure the cisco firewall fpr 2120. Now it is configured in ASA mode
Hi all,I have configured an inbound access for exchange online to allow communication with internal VIP on ports tcp-25 and 442. I have the NAT rule in place and the policy to allow the traffic. However, I am seeing the traffic being dropped by SNORT...
Hi All,We have implemented a 1 leg proxy appliance inside LAN and NATed by firepower and then a PacketShaper bandwidth controller then to Internet. The internet bandwidth is 50Mbps.Strange thing is when download files from some specific website like ...
Hey everyone, Does the ASAs need to have an arp entry for a host/hosts in order to pass traffic through it (given that the access-list is allowed)? Thanks!
Hi,I configured port redirection with outside interface as below and allow tcp 4433 on outside interface.nat (inside,outside) source static <inside-serv> interface service tcp_4433 tcp_4433I could see packets are arriving on my outside interface with...
Hello I have FTD ( ip 10.2 ) >> Layer 3 switch >> Router (ip 10.1 ) From switch i can ping router and FTD interface, but from FTD i am not able to ping router interface and vice versa. ICMP is allowed. Any help pls
Hello I have ASA 5506-X and i have a problem : when i put this command : system install noconfirm ftp://192.168.1.254/ftd-6.2.3-83.pkg via xlight ftp server :===> it show this message : ///////////////////////////////////////////////////////...
hi,i'll wipe out a pair of ASA 5525x in active-standby to be redeployed in another site.i usually factory reset a standalone ASA.can someone confirm the steps below to reset the dual ASA:#write erase <<< FROM PRIMARY-ACTIVE FW#failover reload-stand...
| User | Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 2 | |
| 1 |
