We have a separate intrusion policy for ingress trafffic from the internet to our DMZ servers. When I run Firepower Recommendation on this policy, it suggests changing dozens of old browser vulnerability snort rules from Disabled to Generate Event an...
Forum Posts
What command do i use to check if a vpn address pool is full?
Hello,We have a site to site VPN configured on cisco asa 5505, VPN is up and we can see TX and RX but we are unable to get any ping replies. We also tried RDP and other access to the remote end but no luck.The strange thing is TX and RX are going up ...
The PxGrid certificate for our ISE 2.4 and DNA-C 12.2.10 integration has expired and I am unable to find a way to replace it. Is there an way to renew the certificate without bringing down the fabric and deleting the old ISE server in DNA-C? Screensh...
I have 2 LANs connected across a VPN Site to Site with 2 Cisco ASA 5500, it is working OK, but on one of the ASAs the AnyConnect users need to connect to the other LAN accross the VPN, is that possible, here are a basic diagram that I made for a bett...
Hello,I have 2 LANs connected across a VPN Site to Site with 2 Cisco ASA 5500, it is working OK, but on one of the ASAs the AnyConnect users need to connect to the other LAN accross the VPN, is that possible, here are a basic diagram that I made for ...
5515X booting to ROMMON. The goal here is that the Firepower Threat Defense docs say that to convert an existing image to Firepower Threat Defense you must be in ROMMON mode. I went through the doc setting the server, address, gateway, image file nam...
Hello ASA lovers, I have a question regarding ASA. Consider this scenario we have an ASA connected to two service Providers with two interfaces and remote VPN connections are coming through bothISPs My question is how I can configure the ASA to route...
We have a vASA in AWS that has been configured with Anyconnect VPN support and have noticed that we are able to connect, however, the initial connection takes about 90 seconds to complete. After being connected, the client will disconnect and automa...
Hi All, Please Help if anyone can...I have a private service hosted on an external partner which has a public IP (187.x.x.x), they allow traffic from our office public IPs, so when I am at the office I can access the service, but when I out of office...
Could you pls let me know which iOS releases do support for SHA256 encryption for user & enable credentials?
Resolved! FXOS Upgrade on an HA Pair
Hello,I am planning to upgrade FXOS from version 2.3 to 2.6 on a couple of 4100s.. these host 2 FTDs in Active/Standby...I have gone through the upgrade document ..but my query is that when the standy member is upgraded first and when it will boot up...
I would like to purchase ASA5516-FPWR-K9 without IPS,URL and AMP.Can i just run this model just as a firewall without having to purchase extra licenses?Thank you
Hello all experts. Does anyone have experience configuring OSPFv2 routing on FTD 6.4.0.6 with other vendors devices such as Palo Alto, Fortigate or Mikrotik? The 2 devices does not form neighbor relationship. On other devices (ex. PA), I see the FTD ...
Resolved! ASA 5506 VLAN Routing or ACL problem
Hi, it's mi first time i worked with a ASA/ or a firewall like this and i have some problems to configure vlan/subinterfacesin the tutorials i found it looks easy, but it dit not work.same networks security (should) can comunicate ... but if i start...
