I'm having an issue reaching the DMZ network from VPN. I need to be able to RDP to the DMZ host 10.20.1.2/24 from the VPN subnet 10.2.2.0/24. I have configured the NAT policy and ACLs but still not able RDP to the DMZ host. Please see the ASA 5505 ru...
Hi When user login SSL VPN (ASA 8.0), how to apply group policy base on their user name without to choose the gorup option at login page. The problem is when I check the option for user to choose the group at login page, it work fine. But without tha...
Hi all, shortly have to RUN BGP a couple of FTD 4115 in HA, managed by a 1600 FMC, it's all on premises. I was wondering about the BGP sessions if they have to be established according to which of the following cases:1) one router peers with both act...
Dear Colleagues, Help me please to solve the issue below. I need to change 175.125.68.17 to 175.125.68.22 Feb 05 2021 23:15:34: %ASA-4-402116: IPSEC: Received an ESP packet (SPI= 0x9D6197B7, sequence number= 0x7) from 175.125.68.1 (user= 175.125.68.1...
Hi there, I have 1 ASA 5510 version 8.3 with 4 interfaces. outside1, outside2, inside and DMZ. Both outside1 and outside2 interfaces connected to ISP1 and ISP2 respectively. And core switch connecting my ASA with all my internal users. My current pro...
Hi, I have completed Cisco "IPS Express Security Account Manager Representative" certification before 3 years and now want to renew it but this certification has been retired. I raised a case with Cisco Certification and Communities Support Team but ...
Hi, correct me if I am wrong but does this sentence below mean, that I do not need the SF-FMC-VMW-2-K9 licence if my devices are all classic devices, so ASA with Firepower modules? Firepower Management Center Configuration Guide, Version 6.7 - Licens...
Dear All, I'm trying to create an asa-v (using CML 2.1.2-b39) sub-interface to make able a host to configure it via ASDM, but despite the configuration is not working.Please advise if I'm missing something.Here the configuration of the asa-v / switc...
I need some clarity on SSH and certificates. I have SSH enabled on a router which has a signed certificate loaded. The Putty client has the root CA loaded. Putty connectivity works. The question I have is that SSH access works on another router wh...
We are setting up ISA 3000 firewalls as FTD in HA pair. We have a unusual challenge wherein, switches on both upstream and downstream have same vlans and we need to use firewall to segment traffic between certain vlans. E.g., Upstream has VLANS 1,2,3...
Is it possible to use a different IP from our WAN subnet for RA VPN? We currently port-forward 443 to an internal proxy server on the interface IP. We do this for a couple of reasons. I realize I can use a different external port for this but tho...
Español PortuguêsFrançaisРусский 日本語简体中文 This event is a chance to discuss about Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) regarding products, management, installation, configuration, implementation, use, and integra...
Hi good morning.I am trying to configure fail over in ASA, I have two ASAs with the same OS and the same model.I have assigned the ips address for each interface.All tests are passed(See screenshot) except for the second that failed.How canI debug th...
Hello, I have a FRP 2120 running ASA I am creating a port-channel (EtherChannel) and I would like to assign to it some of the ethernet interfaces of the ASA. When I go to the interface of the ASA the Channel Group is grayed out. From the chassis ma...
hello together, i have a server where i cant change snmp deamon port and which is not 161. and i have a monitor system where i cant change snmp to ask at another port then 161. in between there is an asa so i thought maybe its a good idea to just rew...
