Hello I have an event configured as: event manager applet Weekly_Backupdescription scheduled autoevent timer watchdog time 604800action 1 cli command "backup /noconfirm location ftp://cisco:cisco@IP.ADDR/Firewalls"output none This is working very fi...
Forum Posts
Hi colleagues! I'm not a novice in ASA, but this problem got me baffled. I'll start without too much of a technical detail: I have two ASAs with an IPSEC L2L VPN between them, like this:LAN1 - inside - ASA1 - outside - (public internet) - outside - A...
Resolved! Global Vs Interface Policies
Hello Team, As now Cisco ASA supports Global ACL wouldn't be this advisable to use it rather than using Interface based ACL ? Can someone please advise me positive and negative parts of it? I think once we use global ACL this is more like a Checkpoi...
Can I ask about the command 'dns domain-lookup <interface name>'it looks like a global command...this won't affect our own DNS internal systems for anything else will it...it will only comeinto use if using the firewall for DNS lookup for the three F...
Hello everyone I have been working with Cisco ASA's for several years. Im very used to the <crypto maps> setup for IKE1 and IKE2 tunnels on the old ASA code. Now Im working with a 2130 with version 6.5 againt ASA's with 8.4 code. My problem now is th...
Hello everyone,i need some support to understand if there's a possibility of create a local user on an ASA Firewall and force the newly logged user to change his password. Thanks,Andrea specsASA5545Cisco Adaptive Security Appliance Software Version 9...
Hi, just two quick questions. We have a L2 ASA on our network and we want to exempt FTP inspection for one specific communication between two devices. I suppose we can just create a new CLASS that matches an ACL with the relevant IP Addresses, and t...
We have multiple ASA5506-X Firepower units in our FMC, each with different licensed dates for Firepower services - and it is telling me they are expiring. How can I determine which one? I don't see anywhere where it associates the license with a devi...
Hi Everyone,Currently, I am using the Rest API provided by FMC for the automatic deploy request, but I can't determine the exact timestamp. Please give me a sample code using the Python language to determine the timestamp. Thanks.
Hello everyone, I'm hoping someone can answer this question for me - Does CDA 1.0.0.011 Patch 6 support Remote Desktop Session Hosts (Terminal Servers)? I'm asking because I'm experiencing the following issue - When one user logs into a terminal serv...
Sorry: I posted this message in the wrong thread. I tried to move it to Firepower or to delete it but I can't. Sorry ISE people. When a managed device performs Local Malware Analysis on a file, it caches the verdict for x hours. Example: if file is ...
Hey guys just let you all know that the SFR Module on the 5512x and 5506 are no longer supported on the new 9.10 train! You are stuck running 9.9x. It bit me! It wipes the SSD and you have to rebuild!
CISCO 7942 Ip Phone stops working when scanned with Tenable security center - any solution to scan for vulnerabilities. Other impacted models &911,7965, 7962. Let me know if any nessus Specific plug in is required for TSc to scan without bring ing th...
I have a pair of 5540 firewalls.Currently secondary is active .2 and primary is in standby .3 mode.The problem is that I am not able to ping from active to standby IP and vice versa.Even though I can ping them both from the local network.I can ping w...
Running 9.9(2)52 with fips enabled. TLS is set to 1.2 (DH group 24 and ECDH group 20) with a subset of the Cisco "high" ciphers configured. SSLlabs and other tools still indicate the following CBC ciphers are enabled:TLS_ECDHE_RSA_WITH_AES_256_CBC_...
