I have a vendor that I need to set up a site to site vpn with and they want me to use public IPs in the encryption domain. Can anyone explain why they would want to do this or if it offers any security benefits or weaknesses?
Network Security
Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(83) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,492) -
Cisco Bugs
(24) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(133) -
Cisco Firepower Device Manager (FDM)
(801) -
Cisco Firepower Management Center (FMC)
(2,882) -
Cisco Firepower Threat Defense (FTD)
(3,122) -
Cisco Press Cafe
(1) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(41) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(257) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(21) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,565) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(315) -
MPLS
(1) -
Multicloud Defense
(1) -
Network Management
(90) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,549) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,758) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(620) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(5) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(40) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
I would like to deploy FMC HA across two data centers. There are two data centers. Each data center has- 1 FMC- 1 pair of FTD HA Note that please find the attached network diagram. Because there are existing firewalls in between two data centers,does...
I have Cisco ASA5545-MB running in Active-Active Failover in DC. I have got task to upgrade this ASA to work with Firepower Services and install IPS on it. There are some challenges which I would like to overcome:-1) Do I need to remove the IPS legac...
Hello, Monitoring Team has reported that the Firepower Devices in the environment are reporting the following alert : "Multicast routing group status is not normal" Need help in understanding what might be causing this alert and how to remedy it .Tha...
Hello, I need help in understanding the audit trail in Cisco ASA.How can i cross check if audit logs are being generated in ASA and are being forwarded to syslog server correctly
Have a basic setup w/ a e-lan circuit that terminates on a subinterface of the ASA w/ a /29 defined. The ASA and the remote firewall each have an ip in the /29 and ping the far end device to see if that link is good. On the ASA i have the following...
Resolved! ASA 5510. VPN Tunnel. UDP traffic.
Hello! Friends! I need your advice. I do not have ideas. May be you can help me.So a have two offices (office 1 and office 2), for it connecting i used cisco asa 5510 and VPN between it. (site2site)office 1 - 192.168.101.0/24 office 2 - 192.168.104.0...
Hello! I've run to the situation, where i configured my ASA completely and left the licencing for the last step and apparently i could not licence it because of non-existent FirePower Services module in ASDM, where i'm supposed to obtain the licence ...
Hello All,i am trying to monitor below ASA firewalls and want to know the oid which will give the disk utilization status when polled. which MIB file will have the SNMP oid for this.ASA5506-XCISCO ASA 5508Cisco ASA 5525Cisco ASA 5545 regards,Prasad
HI All,We have ASA 5516x with firepower in HA at two different location and we are using virtual FMC at branch level. Now our requirement is to move FMC in DC(other location) and add both location firepower.I have some query to perform this activity:...
Hi,How to check Standby serian no (Activie and standby) from Primary firewall console ?Without connect console to secondary fireall ? how to check this from primary firewall ?thanks in advance ?
Resolved! Rule on ASA to allow syslog traffic?
So if you have a syslog server on inside network/interface of ASA, and have an IDS/IPS on Outside of ASA you want to send its logs to the server, you should allow the mgmt IP address of the IDS/IPS if it is setup for syslog forwarding via its mgmt in...
Good Day,Im currently having an issue where i have my sub interfaces configurated on my router. I also have an ASA5508 that i am using to control traffic. The asa can block traffic between the outside(isp) and inside(internal vlans) with no problem. ...
Resolved! ASA Cluster: Replace SSP modules
I have 2 ASA 5585-X SSP 40 cluster installed with Oldser generation IPS-SSP-40 modules. The IPS modules are used only for their 10 gig interface capability for the data path, without being used for any IPS functionality. The 10Gig Network Interface o...
SNMP trap configurationHi,I am attempting to configure SNMP traps for Power Supply failure, Critical CPU temperature, Fan failure on my ASA firewall.When I enter the command "show run all snmp-server" , I get this output: "no snmp-server enable traps...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 06-15-2025 06:46 PM | ||
| 06-13-2025 08:07 AM | ||
| 06-12-2025 06:02 AM | ||
| 06-11-2025 07:59 AM | ||
| 06-11-2025 06:59 AM |
Top Solution Authors
| User | Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |
