If my ASA is configured to allow port 443 (over http), can ASA allow web 443 and block telnet 443? e.g.: Allow https://x.x.x.x block: telnet x.x.x.x 443 Question2: Will blocking telnet on non standard ports give any benefit?
Coming from a netscreen/junos background... For allowing access to the inside from a DMZ IP I'd usually configure a VIP using an IP in the DMZ network that would map/nat to an IP on the inside interface and apply the appropriate acl/policies to that ...
Hi all, is it possible to to transfer IP SEC License for ASR1000 Series from faulty unit to a new unit? Thanks,Hafiz
Hi there people in my phone, We have a pair of ASAs in a failover pair, and the failover has failed with an interface error. Interfaces on the FW and connecting switch are both up/up, no configuration has been changed, and it's been fine for the la...
Hello everyoneI would like a clarification on the native vlan.By default a vlan is used, for example 99 as a native vlan without assigning any access port to avoid double tagging attacks.What is not clear to me is:1) Why do I have to set as a native ...
Hello. We have a pair of FTD on ASA5525-X running in an Active / Standby pair managed by FMC. What are the step by step sequence (or commands) for shutting down both units as this will be my first time having to go through this process. And I assume ...
Hello, I have a S2S VPN set up between our 2130's and we seem to be having some serious speed constraints over one of the tunnels. I read in another post somewhere that the FTD's may have a speed per SA limit, but I have not been able to find any of...
Hello,We have two data centers, Primary site (DC1) and DR site (DC2). In each data center we have one FMC (hardware) and two FTD appliances.I have configured HA between the FMCs (where the primary FMC resides in DC1) and the FTDs at each data center...
Hi,I get a strange problem here. We got another subnet from our ISP because we needed another block of IPs. Everything works fine, except one thing: Deny IP spoof from (XXX.XXX.XXX.XXX) to XXX.XXX.XXX.XXX on interface outsideThe source IP is our mai...
I am running FMC 6.6.0 API, adding a new member to an object group it wipes out all other existing member!Would anyone know how to use PUT just to add a member and keep what exists?Thanks
Hi,I have a server having ip address 172.21.X.X, and it is always getting shunned. I have to manually clear the shuna everytime. Why the server is getting blocked at shun, i am unable to understand ? I can bypass the server adress at shun, but that's...
Hi I need some help in creating that ACL on Cisco multilayer switch. 1) I want to allow all traffic between these subnets10.75.0.0/22 ------ 10.0.0.0/8 2)) I want to allow only http traffic and block the remaining traffic between the following subnet...
Hello, I would like to protect our ASR router (connected to the ISP and the internal network) from Firewall session table flood attacks by configuring Firewall Session table protection. One of the restrictions I found here is https://contenthub.cisco...
HelloPlease here iam running with my ASA5606-x Firepower. Unfortunatly me LAN side arnt possible to reach the (ISP) Internet. Ping inside the LAN are possible also ping the firewall are ok. i think the configuration are mede simple g1/1 WAN - Outside...
I just setup a new ASAv in Azure and was testing AnyConnect. I can login find but once the connection is established, it disconnects my network connection. I thought maybe it was just my computer so I had someone else try it and the same thing happen...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
| Subject | Author | Posted |
|---|---|---|
| 06-25-2025 04:32 PM | ||
| 06-25-2025 04:40 AM | ||
| 06-24-2025 07:03 PM | ||
| 06-20-2025 07:10 AM | ||
| 06-19-2025 07:32 AM |
| User | Count |
|---|---|
| 4 | |
| 4 | |
| 4 | |
| 2 | |
| 1 |
