Resolved! ASA rule check
Hi All, Before applying any new firewall rule (source, destination, port) is there any way , i mean a show command in ASA to check whether rule is already permitted or denied by ACL ? Regards, Muhammed
Forum Posts
Does anyone know of any ACL tool (preferably freeware) that will allow you to load an ACL and run an IP against it to see what line (if any) it hits? I have seen tools that allow you to manage ACLs, but haven't ran across anything that computes the ...
On the ASA and FWSM, is there a way to check which ACE would be blocking a particular traffic? I'm looking for a command where I just tell it which ACL is use and feed it the source-ip/port and dest-ip/port.Thank you in advanced.Vince
For ASA firewalls (SOC customers that send firewall logs to QRadar by syslog), we have them configure a base logging level of 4 (Warning), but we also need a subset of level 1 (Informational) events sent to QRadar as well. These events are: 106100 – ...
Hi All, Is there a way to export/import VPNs to a higher model FMC x500 from FMC 1000. Is there any chance of impact on the VPNs while we remove the FTD from Device manager in FMC lower model and then add it again in FMC x500 model. Can there be any ...
Hello, I have a backup schedule set from "FirePower Management BackUp". To my understanding this is doing scheduled backup for FMC with "Back Up Configuration" option ticked. But question is what this file consist of ? I mean which file they are ...
Hi guys,Need your help on below situation.I would like to configure the netflow on the FTD. FMC is running on 6.4. I created new flexconfig object and defined the destination. Created new flexconfig policy and assign the firewall accordingly. These ...
Hi everyone, I would like to know if it is possible to have an email sent to the admin whenever someone visits a website that is related to a certain topic. For example if someone is searches/access content that is related to "burgers", is it possi...
Hello Folks, reaching out to you for some help,I have a simple setup in my 5510 , 2 interfaces: first one for OUTSIDE and second one for Inside with multiple sub-interfaces (vlans) :- all subinterface on the same security level, - same-security-traff...
Hi. I am doing the Lab "Configuring an Intrusion Prevention System" of Chapter 5 "Implementing Intrusion Prevention" of "CCNA Security" on Netacad. I have a question for the Step 3 "Modify the signature" of Task 6 "Test the IPS Rule and Modify a Sign...
Does anyone know why I'm getting this error and how to fix it: ERROR: access-list used in static has different local addresses I didn't find anything helpful when I Googled it. It happened when I was trying to translate some addresses (that is the re...
Hello I'm having some trouble getting two specific networks over a site to site VPN to talk properly. On the ASA network 10.0.4.0/24 needs to reach networks 10.34.0.0/16 and 172.18.5.0/24 which are on the Juniper SRX and visa versa. At the moment I ...
I have an ASA5506-X that has been reimaged with FTD code - running the latest 6.2.3.15 version.It is managed by a FMC that has been upgraded to 6.6. It is working and I can manage it via the FMC, however SSH has stopped working to any of the interfa...
Hello,I am trying to see how we can make posturing work even before logging in. My undertstanding is that stealth mode is for auto remediation and hides gui from popping up but I have heard it can be used to posture workstation before logging in so I...
Hi Everyone, Is the FMC migration possible from FMC 1000 to FMC 4500 with both models running 6.5.0 and then running the migration script? Has anyone tried this or is it only applicable to x600 series FMCs? Any idea on this.
