HelloWe want to purchase firepower P/N:FPR9K-FTD-BUN with P/N:FPR9K-SM-56= as security module. I could find information about one and three security module in the firepower9300 data sheet but there isn’t information about two security modules.Do we h...
Hi All,I have failover configured between two ASA 5515. I am a bit rusty with ASA..years since I played with one.Anyways, failover seems to be working ok. The only problem I have is that the failover unit keeps changing the name everytime I reboot th...
Hello to everyone, Recently we bought a firepower 1140 threat Defence and i am wondering if i am able to confirure an outside interface with PPPoE. i perfromed the initial configuration and also i dont know how to configure that. i am not able to ch...
Hello for everybody. I need to allow tcp and udp 123 port on external asa interface from two external ntp servers and block from any other. The following acl is currently applied on the external interfaceaccess-list OUTSIDE_NAT extended permit icmp ...
Can anyone describe how PAP works between ASA and Microsoft NPS for RADIUS authentication and how MS-CHAP is different?Please don't tell me that PAP sends the password in clear text. I have taken PCAPs and I see no clear text shared secret or passwor...
Hardware: ASAv30Cisco Adaptive Security Appliance Software Version 9.9(2)1 Whenever I try to enter any show run command, for example "show run" or "show run access-list", the CLI terminal hangs up without generating any output and I have to close the...
How can i change th IP of the Firepower 1120 from the console port???
Hello All, We have a remote office where we run a standalone FTD 2140 appliance. Now there is the need to add that appliance to an existing FMC. The 2140 appliance has locally configured routing (inside & outside interfaces), several site-to-site VP...
Hello. I am trying to configure the dhcprelay enable q-inalextnet command on a Firewall, and it throws the following message:This interface is shared and cannot be configured with DHCP. I found that this is related with a bug ID CSCsv96850. I would l...
Hello for everybody. Is it possible to clear all nat counters on cisco asa 5515-x? Auto NAT Policies (Section 2)1 (inside2) to (outside_nat) source static obj-10.18.8.200 interface service tcp www 83translate_hits = 600, untranslate_hits = 31 In this...
Hello, I stumbled upon a problem today. I have an ASA with firepower services. I noticed that in the events some URLs are shown as numbers and the action is blocked. Is there anything, in particular, I could check to see what kind of error this is?...
Hello Everyone, I hope you are all doing well, despite whats going on with the pandemic. Anyways, I was trying to improve the Host Profile quality exploring several alternatives. Nmap, API, etc. At this time I focused on nmimport.pl and was able to a...
Hi all, We have a server which requires to go out on a specific interface "outside3". I tried to set it up so it will route to outside3 but somehome the traffic still go out at outside2. This is what I configure for that change:access-list outside3...
Hello,I have created a new context in cisco ASA5525 and configured site to site VPN in context. Phase -1 is not coming up and i am getting the below messages while running debug. We have a tunnel configured to same peer IP from a diffrent location h...
hi,due to the recent ASA CVE alert, i need to do an upgrade 9.4 > 9.8.https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-73830 just want to confirm that i can upgrade directly 9.4 > 9.8 as per link below:https://www.cisco.com/c/en/us/td/do...
