As I begin to work more with the FTD/Sourcefire and FMC combination I really being to miss the ability to tie rules to just an interface and not have to think about order of operation when placing rules. I have mandatory and default, I always put my ...
Hello, Everyone, I have an ASA 5525x w/IPS module which I need to migrate to FTD.I used a Firepower Performance Estimator https://ngfwpe.cisco.com/dashboard Right now ASA 5525x consumes 50-60% of cpu. Conditions:Traffic: ~200 Mbps Enabled Features...
Hi, Does anyone know when CSM version 4.19 is planned to be released? It looks like that we are hitting the following bug but on 4.18 not 4.16: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk08347/?rfs=iqvred ASA version is 9.10, so we need a...
Hi,We've installed a virtualized FMC 6.3.0.This VM is on lab environment just for test, without any device managed, Internet access or any license added. Now, 6.3.0.2-67 patch, Snort Rule update and Vulnerability And Fingerprint Database have been up...
Hello Experts Do we have support for QoS marking/scheduling/policing and multiple context in FP9300 FTD image? Anything in roadmap? Regards, Sumanta.
During the initial set up of the ASAv in Azure, I created the virtual machine, all the IP Addresses, etc. After setting up (what I thought was the correct way to do so), I cannot get the initial ASDM web page to load. It's an odd thing. Let me exp...
I had a question about the ASA's state table. I may be overthinking this!When going from a higher security level to a lower security level, the ASA keeps track of the state of the connections, which you can see by 'show conn'.However, whenever you po...
Hi I was wondering if someone could give me some assistance. I have been having some routing issues on the Cisco ASA. Firstly, this seemed to be an issue with inter-vlan routing which was causing some issues, and after some reading etc. I think that...
Hello Cisco Team, Can anyboby done Application based Rate limiting in Cisco Firepower.As far as i know it is supported in Firepower 2100.But my Concern is do i need to install SSL in all my end point machines.if so then it is practically not possible...
Hi All.. ive setup with my 3rd party bank using NAT.for example.. if i want to hit their server, i would need SNAT from my side.if they want to hit my server, i would set for DNAT from my side. how about i want to hit their server and get hit by thei...
Hello, i hope you can help me,i have 26 remote sites connect to an ASA in Guatemala Downtown, in Guatemala DownTown live 2 subnets (10.150.86.64/27 and 10.150.71.160/24) i have ready the VPN from Remote Site and Guatemala DownTown, this connection it...
So I am just doing some testing on home lab. I have a bunch of ports under a group called web-ports (see attached). Internal PC is still being blocked from accessing the net and only works if I change from Web_Ports to all IP service. Any idea what o...
Hello I have an issue with NAT configuration packet-tracer input DMZ1 tcp 192.168.141.20 1212 192.168.140.20 445 Phase: 1Type: ROUTE-LOOKUPSubtype: inputResult: ALLOWConfig:Additional Information:in 192.168.140.0 255.255.255.0 insidePhase: 2Type: ACC...
We recently moved off our older ASA5510 hardware platform is favor of a 5506-X. After the upgrade we started noticing some extremely odd behavior on the 5506 forcing us back to the 5510. On the 5510 we routinely saw 500-1000 connections per-second...
I am in requirement of double NAT (Primary and Secondary) in Cisco ASA, I need to configure single public IP to 2 different Inside Local IP address, in any case primary IP address fails, ASA should nat public IP to secondary IP. How do I achieve this...
.jpg "VIP Master"){kind=icon}
