Hi Just a simple question when using numbered ACLs is there any significance to the number or should it just be within the specified range for your class of IPs? For example ACL 110 should it be used for a significant purpose? Thanks in advance
Forum Posts
Hello, I want to enable reverse-path (URPF) on Cisco ASA in my current networkDo i have to add default route to avoid any issues after enabling Reverse-path (URPF) or any other method ?what are the prerequisites before enabling URPF ? Thanks in advan...
i have the firepower 1120. i configured my device for access to internet from DMZ zone and to access to my web server, but with default action allow. when i set default action BLOCK, and i create NAT: manual for accesss dmz zone to internet and autom...
Hi All,I'm suggestion for our network. We have multiple servers in different location, connected to the internet by DMZ not in our control. Which mean all the outside IP's of our servers are unreachable.Eventually I would like to create S2S connectio...
I have stand alone FMCv and i plan to deploy FMCv HA setup , so please support me what are the requirements either software or License ?
Doing a bunch of testing with FMC/FTD and came across this article talking about inspection of packets that pass before traffic is identified. I'm testing this with ftp. My policy is very simple (picture attached). The traffic in question will hit...
Please remove.
Hi Folks, I have challenges after a software upgrade executed on my Cisco FDM (ASA5555-x) to a latest Hotfix 6.6.5.1 from Version before upgrade: 6.2.3Immediately after upgrade my internal networks drops, and i observed all internal static routes are...
Resolved! ASA change to FTD
hello,I have ASA 5515-X with a firepower module. What is the best practice to install an FTD image on ASA or install a firepower module?
Hello,so I got free of charge cisco 4331I configured for internet access from my LANbut I'm facing difficulty whit ZBF I cannot find a way to secure my LAN from outsideIf I run port scan whit nmap on my wan IP all ports are showing up closed and not ...
Hello, Everyone. I want to create Internal CA for SSL Decryption. And I generate a CSR, then I request a certificate on Third Party CA. After that I downloaded the Certificate and will install it on Iinternal CA. But, when I want to upload a signed C...
Hello,I am trying to setup a FMC 1600 appliance and have been told it's connected to it's serial port via a serial console server.However, when I log into the cli, I get the following prompt: FMC cli->I cannot type anything in there (I've tried ?, he...
Hi, I am trying to install ASAv on my Vcenter server. OVF Template is deployed successfully but when i start the ASAv VM it goes through the Initial checks and then keeps on rebooting. I have tried 9.6, 9.5 and 9.4 but same behaviour. I have attached...
If official devices are registered thru MAC & IP to access the LAN. How can we deal with MAC & IP spoofing. Anyone can bring its home laptop or mobile and put the allowed MAC or IP on his home device to access the secure network. How can we deal with...
I need to renew our Portal Certificate on ISE 2.6. I have begun the process of filling out the signing request and selected Portal for the certificates use. My question is about the Portal Group Tag. The current cert is using the " Default Portal ...
