The PxGrid certificate for our ISE 2.4 and DNA-C 12.2.10 integration has expired and I am unable to find a way to replace it. Is there an way to renew the certificate without bringing down the fabric and deleting the old ISE server in DNA-C? Screensh...
Forum Posts
I have 2 LANs connected across a VPN Site to Site with 2 Cisco ASA 5500, it is working OK, but on one of the ASAs the AnyConnect users need to connect to the other LAN accross the VPN, is that possible, here are a basic diagram that I made for a bett...
Hello,I have 2 LANs connected across a VPN Site to Site with 2 Cisco ASA 5500, it is working OK, but on one of the ASAs the AnyConnect users need to connect to the other LAN accross the VPN, is that possible, here are a basic diagram that I made for ...
5515X booting to ROMMON. The goal here is that the Firepower Threat Defense docs say that to convert an existing image to Firepower Threat Defense you must be in ROMMON mode. I went through the doc setting the server, address, gateway, image file nam...
Hello ASA lovers, I have a question regarding ASA. Consider this scenario we have an ASA connected to two service Providers with two interfaces and remote VPN connections are coming through bothISPs My question is how I can configure the ASA to route...
We have a vASA in AWS that has been configured with Anyconnect VPN support and have noticed that we are able to connect, however, the initial connection takes about 90 seconds to complete. After being connected, the client will disconnect and automa...
Hi All, Please Help if anyone can...I have a private service hosted on an external partner which has a public IP (187.x.x.x), they allow traffic from our office public IPs, so when I am at the office I can access the service, but when I out of office...
Could you pls let me know which iOS releases do support for SHA256 encryption for user & enable credentials?
Resolved! FXOS Upgrade on an HA Pair
Hello,I am planning to upgrade FXOS from version 2.3 to 2.6 on a couple of 4100s.. these host 2 FTDs in Active/Standby...I have gone through the upgrade document ..but my query is that when the standy member is upgraded first and when it will boot up...
I would like to purchase ASA5516-FPWR-K9 without IPS,URL and AMP.Can i just run this model just as a firewall without having to purchase extra licenses?Thank you
Hello all experts. Does anyone have experience configuring OSPFv2 routing on FTD 6.4.0.6 with other vendors devices such as Palo Alto, Fortigate or Mikrotik? The 2 devices does not form neighbor relationship. On other devices (ex. PA), I see the FTD ...
Resolved! ASA 5506 VLAN Routing or ACL problem
Hi, it's mi first time i worked with a ASA/ or a firewall like this and i have some problems to configure vlan/subinterfacesin the tutorials i found it looks easy, but it dit not work.same networks security (should) can comunicate ... but if i start...
Hi, we currently have an issue with our FQDN access-list. We have allowed access to FQDN smtp.office365.com and outlook.office365.com via HTTPS (acl_dmz). Unfortunately it is sometimes not working properly - as you can see here from the output. I f...
Resolved! ASA 5510 PROBLEM.
Hello there, the nat (inside) 1 10.1.1.0 255.255.255.0 and global (outside) 1 interface are deprecated and I don't know what to do after the IOS upgrade.I don't have access to the the internet.My show run is the following.Please help. ciscoasa(config...
Hi guys, Today i had a big problem with 2 Cisco ASA 5545-X with fire power services in active/standby mode. These are the perimeter firewalls. The active firewall had a high CPU usage of 99%. After working with Cisco TAC, it was identified that th...
