Hi All, The customer would like to change configuration interface on vmware from 10G to 1G but We not sure procedure of ASAv need to new deploy ASAv or need method something to support new interface or not. Please advise us for my concern. Because No...
Forum Posts
Cisco ASA 5515X Firewall. Getting a coordinated syn attack against one of our websites hosted behind the firewall.. My ASA's CPU is going to 100% and not allowing legitimate traffic through during this attack. It completely shuts down. It is configur...
Hi I have a question.I need to purchase an Expansion I/O module for my firewall.So My company is adding one more ISP to the network.(There is already one ISP existing as outside interface). There is only one unused interface in the firewall. And I ne...
Hiwe have VPN server( Router l2tp ipsec ) on the DMZ interface, we want to allow vpn l2tp ipsec traffic to pass through outside to Dmz my sample config : object network vpn-routerhost 192.168.1.200nat (dmz,outside) static *.*.*.* (public ip address )...
Resolved! ISE Trusted Certificates due to expire
Hi, Notice these Trusted Certificates are about to expire, they seem to be for internal use.I cannot find any information on these or how to renew. Each Node (primary and secondary ) has one. need to be concerned? Lee
Dear experts,I need to configure email alert notification configuration on ASA 9.8Problem is 1. SMTP server port is 465port. How to configure the port of SMTP?2. If ASA contact the SMTP server with the wrong domain name ( like asa@asa.com ), then it ...
Resolved! Multiple IPS policies
Hi, What are the benefits (if any) of having a different IPS policy for incoming traffic to internal servers and another for outgoing traffic focused on users? What is the best practice, keep a single policy for both scenarios that simplify the opera...
Unable to delete SNMP alert on Cisco FMC 4000 due to "alert in use by X policies" bug-like behaviour
On FMC 4000 (running 6.4.0.9 software) I am unable to delete SNMP alerts i.e. on the FMC when I navigate to Policies > Actions > Alerts when I attempt to delete an SNMP alert, the message shown in attached screenshot appears:i.e. "This Alert Configur...
Is there an easy way to put bandwidth rate limits on our FMC Communications? Over the past few weeks there have been a few times our 100 Mbps MPLS is reaching 88% upload, and several of our smaller sites are reaching the high 90's in download bandwid...
I am trying to replace the Cisco logo in the AnyConnect client with our own. I have followed the instructions below, but have not had any success. Has anyone gotten this to work?http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconn...
Resolved! ASA 5585-X Howto change failover-link
We have two cisco asa 5585-X's in a failover setup.Failover Link between Primary and Secondary Unit uses external switches for connecting the two ASA´sWe like to chanke the failover link to a directly connected link between the two devices.What would...
Is there a way to combine FMC DNS SI lists by the domain name feature and a particular DNS query type? Let's say I want to avoid type A DNS queries but I let type AAAA queries to go out for domain A, but I want both A and AAAA allowed for domain B. O...
ProductsFunctionMinimum VersionRequired?Firepower 4100 or 9300Hardware platform to run the ASAFXOS 1.1.2RequiredFirepower Chassis ManagerFXOS GUI device managerFirepower Chassis Manager 1.1.2Optional; you can alternatively use the CLIASAFirewall appl...
We are using a pair of ASA 5585Xs in active/standby mode (single context, routed mode). We have a 6509e for our core switch, which connects directly to the ASAs, and the outside interfaces on the ASA connect to a single 3850 switch. This setup has be...
Hello all. I've been facing a strange problem with network and service object groups so I decided to post it here to get some help.I am trying to use the network and service object groups in an extended ACL applied to a Vlan, in a Catalyst 4500 L3 Sw...
