Due to a bug (CSCvq71351) in 6.4.0.7 - inline sets must be deleted/recreated if they need to be edited Is there any potential traffic impact in deleting/recreating an inline set - as long as you don't push policy until after the inline set is rebuilt...
Forum Posts
Hi forums, I recently discovered a strange phenomenon on one of our managed ASAs that I couldn't quite figure out. * Hardware: 2xASA5545 running AS OS 9.8(3)29* uRPF ist enabled via 'ip verify reverse-path interface <if>'* cluster protocol packets ar...
Resolved! ACL not showing in ASDM 7.1 (ASA 9.0)
Hi all,I've configured a couple of ACL rules via CLI in my ASA.When i checked in the ASDM, it only shows the basic rules that was configured by default and did not show the rules that i've created.Anyone else facing the same problem?Thank you
Hi Guys, I need your help for my problem, I have ASA5516 on active and standby. We already upgrade the IOS version to 9.5(1) both but sometimes ASA devices which as active mode change the IOS version to 9.8(2). This the error messages : ************W...
I have a 5506-x asa and im trying to segment my internal network into several "zones".For example:192.168.1.0/25 LAN192.168.1.128/25 WIFI LAN192.168.2.0/24 IOT192.168.3.0/24 LABI have the base license and can create a max of 5 VLANS I don't know if I...
Do we need to enable aaa for serial login?.Currently I have not enabled and it's blank, when I queried the cisco tac whether not having a aaa config for serial cable while having it for others such sab and ht woud work he said. He said when I connec...
Hi,I would like to ask about to allow essential port on firewall to secure.I saw essential port to open for active directory service as below .RPC endpoint mapper: port 135 TCPLDAP: port 389 TCP, UDPLDAP over SSL: port 636 TCPGlobal catalog LDAP: por...
Hi team, I'm simulating packet tracer before putting my FTD on production: But when sending a packet from a Lan machine to google : I get always this result : Result: input-interface: inside input-status: up input-line-status: up output-inter...
We deploy ASAv50 version 9.12 but I found ASAv50 display failover state difference CLI with ASDM. CLI Display : Active/ActiveASDM : Active/Standby Please suggest me .
I currently am using a ASA 5510 Firewall and ASA 5516-X, by defaut what security settings aren't enabled that I should have enabled in any network configuration? Also, by Default is IPS/IDS enabled or is this something that needs to be configured? An...
Resolved! FTDv w/FDM smart licensing question
Hello all. I have a client who requires an air-gap FTDv deployment. They are using FDM for management. This client cannot use a satellite server, they don't want any communication over the Internet. I know that software version 6.3 provides an air-ga...
Resolved! [ASK] Inside can't access DMZ on ASA
Hi all,i have some problems which seems too wierd. I have an ASA 5540 in my client's office. The previous plan is using inside and outside scheme only, while dynamic natting all inside network (10.0.0.0/8) to outside. And static nat several IPs too. ...
Resolved! Port forward and ZBF
Hi All,I have a number of ports to be forwarded to an internal server. All works fine until I apply my ZBF config.Anyone able to cast an eye over my config to suggest how I forward a single port from the internet (dialer 0) to a device on vlan 20?i.e...
I frequently see devices listed in "Indications of Compromise by Host" When i drill down to see what the issue is, it's usually "The host may connect to a phishing URL" or "Malware Site" When i drill down further to the events that triggered the IOC,...
Resolved! aaa new-model
Hello, what is the suggested method to configure aaa new-model and 802.x on a remote router without locking myself out of the router and if I did lock myself, what is the process to recover and access the device again. Here is my current config aaa ...
