Anyone run into issues with FTD, in what appears to be random cases the application detection engine doesn't classify a flow with AVC application protocol / client information?
I have seen it on SYSLOG, NTP, NetBIOS-ssn (SMB [TCP 445]), and other app...
We are wondering,if it would be possible to use for example 5506x in transparent mode and connect it between two switches. Then it should control the ip traffic in all vlans. With Sophos UTM I know, this works (you even do not have to have IP address...
Hello community! I investigated problem with rapid overruns growth on inside interfaces on my ASA5505 and havent more ideas. Interface Ethernet0/1 "", is up, line protocol is upHardware is 88E6095, BW 100 Mbps, DLY 100 usecAuto-Duplex(Full-duplex), ...
Hello Community members, I need your help with a requirement that we have.We have IPSEC Tunnels established, as below:IPSEC Tunnel established between Site1 (Austria) & site2 (Sydney)IPSEC Tunnel established between Site2 (Sydney) & Customer (Perth)T...
We have a client that has 2 ASA 5516-X, one they want as an IDS only (inline) and the other as their Firewall. The firewall will be the gateway for their VLANs. The topology is as follows: Endpoint ---L2 Switch (multiple VLANs) ---- ASA (Intrusion...
Hello, I have configured Firepower Management Center with the 2019-06-30 snort version file. I am trying to generate an alert when I type "nslookup 8800.org" on my laptop. Right now, it is not generating alert for the same. I tried to look for the "B...
Hi Everyone, Can anyone help with sizing the Cisco ASA 5500X? Total number of user will be 150. Total ISP bandwidth will be 50Mbps.Services used will be - URL Filtering, Application Control, AMP, IPSEC, IPS/IDS. If anyone has sizing document, do shar...
PCI scan came back that aggressive mode needs to be disabled on ASA. I am looking through forums and researching, I am seeing conflicting information on this. The command to disable aggressive mode is crypto ikev1 am-disable. But this is where it is ...
Question regarding throughput with AVS and IPS inspection in a multi instance setup. As far as I can tell, enabling multi instance basically cuts your throughput in half when deploying rules with IPS policy inspection enabled. Running iPerf tests th...
I have both SNMP v1 and v2c enabled on my asa Output given below:asa1/admin# sh snmp-server groupgroupname : xxxxx security model:v1readview : def_read_view writeview : <no writeview specified> notifyview: def_notify_viewrow status: activegroupname :...
HelloASA5508 with Cisco Adaptive Security Appliance Software Version 9.8(2) Currently all HTTPS traffic is assigned the firewall outside interface IP address. I have about 13 external IP addresses. How do I assign all outbound https traffic its own I...
I have an old 5505 and recently upgraded my internet from 75 to 100mbps but am only getting about 65mbps up and down. I spoke to the ISP, Verizon, who had me test the speed with my laptop connected directly to the Verizon equipment and I was getting ...
