Hello, I have a DMZ setup for our new SFTP server. I'm trying to make it where only specific outside IPs can get into this sever. Do I need to create a NAT rule or ACL on our ASA5512? Thank you,
Forum Posts
If I upgrade the FMCv from 6.4 to 6.5 will it cause traffic disruption on the managed devices?
Resolved! ISR ipsec ikev2
Hi,Does anyone know if ISR routers 2811 and 3845 support IPsec ikev2 ?Thanks
Cisco Fire Power Services (6.2.1) are running on ASA 5555x (9.10(1)), from couple of months we are not getting any data under Analysis->Connections>Events. So far we tried rebooting FMC vm and ASA firewalls but still on luck, please advise how to rec...
Hi Guys,Anybody here knows the directory path in the FMC for the connection event logs so that I can download the historical logs because I noticed in the FMC GUI particularly the Connection Events section, the historical logs are not showing.Thanks
Hi , I´m trying to understand the license requirements for a FPR1120 with FTD image. I found this explanation: I just don´t get it, what does it say?Firepower Threat Defense devices in a high availability configuration must have the same licenses. B...
Hi All, I try to connected other interfaces (1/3-8), but all failed( Interface Ethernet1/3 "out2", is down, line protocol is down). Anyone to know why only interfaces 1/1-2 are working, but other interfaces do not work?
I'm planning a firewall upgrade to two ASA5555-x appliances in HA failover from 9.4(4)5 to 9.6(3)1. Traditionally, a direct upgrade like this would break zero downtime functionality, as you were required to upgrade between adjacent releases when cha...
Hey guys, I have a Cisco 2821 Gig Router and I have Syslog enabled. Someone is attempting to log into my router and they are relentless. Here are the syslog entries. Warning10.0.0.1%SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: UNKNOWN...
We are looking to move a Data Center. Not a pretty project, for sure... The current Data Center Hosts make any form of monitoring of Bandwidth usage unreliable. What is the best suggestion on Logging or monitoring the Traffic to/from our ASA devic...
Configured the following on ASAv: object network LOCALhost <local private address> object network REMOTEhost <remote private address> nat (inside,outside) source static LOCAL LOCAL destination static REMOTE REMOTE no-proxy-arp access-list outside_cry...
Hi. I haven't been able to find the information. We're deploying a new virtual FMC that is going to manage 2 FTD devices (2100). This customer doesn't want to give full Internet access to this machine, they say they want to restrict to certains ports...
Hi all, When i try to install the FirePOWER software on Cisco ASA 5516-X and i issue the following command: ASASFR-boot> system install ftp://192.168.2.4/asasfr-sys-6.2.2-81.pkg It gives the following:Verifying 110Upgrade aborted When i ping the addr...
We are working with a Firepower FPR 1100 series firewall in the main office and a remote location with a layer 2 switch. On port 2 of the firewall, we have a server with IP address 192.168.1.3. At port 9 on the firewall we are connected to a switch...
Resolved! ASA NAT Best Practice
Hi I am in the process of reconfiguring all the outside access rules and NATs as we are migrating to a new public IP range. My question is about the best practice when configuring the NAT and access rules. I want to only use manual NATs. 1) Should th...
