Could someone here please help me answer this question: have a 6504E running on 15.5(1)SY5 (latest) and need to know if its KEX algorithms can be updated somehow to a more modern set, currently only supporting diffie-hellman-group-exchange-sha1. Tha...
Forum Posts
Hi, object-group service DM_INLINE_SERVICE_1service-object object 8069access-list Outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object Obj-192.168.100.100object network 192.168.100.100nat (DMZ,Outside) static 1.1.1.1 users ar...
Hi All, I have some probleme with our connction.Early last week, our monitoring server in the inside zone could not reach the ASA device.The server also cannot ping the IP interface inside and vice versa. HW: ASA5585-SSP-10SW: v9.8(2)38 Topology: [Se...
Resolved! Cisco ASA logging issue
Hello,There is a strange issue, this cisco asa firewall is configured to send syslogs to an external server.The firewall sends syslogs for few days and then suddenly there are no messages received on syslog server.I have checked on the network level,...
Resolved! Connection timeout Cisco ASA
Hallo,in my Cisco ASA configuration I have the following (default) command:timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02Based on this configuration I would expect to see all UDP connection to timeout after 2 minutes and ICMP conne...
Hi, We have a 5520 that rebooted yesterday and I am not versed enough with CISCO to know where to start. I have included a show inventory; show tech-support and show crash.Any help would be much appreciated. Direction mainly on how to understand c...
Hi everyone, ASA 5510 is configured as dhcp server.Here is setup AP1252---------vlan 15--------Switch---vlan 15 ----WLC----------Switch--------trunk carrying vlan 15,16------------ASA---Do i need to config dhcp option 43 on cisco ASA? Regards MAhesh
how to check the port-channel status & associated interface details in FTD. when i login to the device, it lands in the below mode/console; Firepower-module1>
Resolved! How to configure TACACS+ on Cisco SG300
Hello There! I have installed a new CISCO ISE, we have pending authenticate the users using TACACS on SG300, but I don't know how to configure TACACS on these switches.... LoL I can't beleive it, I was able to configure on Nexus, but anyway, any idea...
Hi Does anyone know how to achieve the following. We have one FMC managing a number of different IPS modules. I'm trying to limit the report to one pair of devices without using the search editor by inserting the device name i.e. Joefw-* into every s...
Hello Guys, Our customer have a pair with 2110, which are going to replace a pair of 5508-X.The vesion of the code and configuration of the new firewalls should remain the same, that's why I've downgraded the asa image on the firepower with cisco-asa...
Hi, we have ZBF running on an IOS 15.4. It is logging dropped packets to a syslog server.We can't seem to log passed packets as there is some traffic we are interested in.We've tried auit-trail and alert on but still not seeing anything of interest.A...
Resolved! ISE PIC License Install Issue
Hi, I am having issue with ISE PIC Standard licensing and getting bellow error when importing. Invalid License, cannot install ISE PIC license or ISE PIC UPGRADE license on ISE. I have Product ID ISE-VM-K9. Please reply if anyone have similar issue a...
Is there a way to confirm that all the connection events from an FTD box is making it to the FMC and recorded in the DB? I'm working through the "frequent drain of connection events" on one of my 4110s and TAC advised to disable logging to ramdisk, ...
I have a ASA 5506-x v4 and im wondering if I can use the firepower management center to manager the firepower sensor on the ASA. When I go to the IP address of firepower I get this message: (I dont have a active service sontract as this is just for ...
