Have several PIX 515's. I can cfg a l2l VPN between 2 of them (or ns5gt's) w/o a problem. To test NAT-T I have 3 PIX's in-line. PIX1-PIX2-PIX3. Traffic is generated from a PC hung off PIX1 to a PC hanging off PIX3. All is fine but NAT-T doesn't seem ...
Forum Posts
Hi, I have a failover cluster FTD device on an FMC.I would please like to know if interface monitoring needs to be “checked” under the Device Settings of each FW on the FMC, for interface message IDs such as; 101002, 104002, 105032 to be triggered, b...
Resolved! HA ASA 5505 and 5506-X Firewalls
Hi is it possible to HA between ASA 5505 and ASA 5506-X Firewalls running same OS version . BR
I am trying to establish a base policy on a FirePOWER deployment. I want to introduce ANTI-Spoofing of RFC1918 addresses and all other reserved IP addresses to block anything at the Firewall with such addresses in the source. I understand that revers...
Hi,I recently upgraded Cisco ASA 5505 firewall to its latest version 9.2.4 from 8.2 but after upgrade Cisco ASDM is unable to read asa image. Can you please let me know the issue and how it can be resolved. Thanks & kind regards, Muhammad Hamid Ashra...
My manager went to a conference. She came back asking about replacing the routers in our WAN with firewalls. My knee-jerk response was no way, but we are migrating to an ethernet based WAN - so maybe? Any thoughts?
Hi Guys,Do you know if Cisco Firewall behavior is based on RFC?In addition, what is the difference between old 8.2 to 9.x in terms of the packet flow from ingress to egress?Thanks
Hi,What is the difference between "Firepower Threat Defense-Firepower NGIPS-Firepower Services on ASA" ? ASA Mid-Range (5512/15/25/45/55) does not support firepower NGIPS ?. Does it mean it does not sNG features ? Thanks
Resolved! Inter vlan port forwarding
Hi,I currently have a vlan setup as below on a ASA5516, other ports are unconnected, this is connected to a Cat3650 switch with the vlans setup.interface GigabitEthernet1/2no nameifno security-levelno ip address!interface GigabitEthernet1/2.10vlan 10...
Hi- I added a new access list statement, but it went after deny. The only way I had to move was using ASDM software. How can add an acl line before deny in acl? e-gremark test access-list inside_in line 7 extended permit tcp host 1.1.1.1 host 2.2.2.2...
FTD and OSPF MD5 authenticationHi all,I am trying to get OSPF authentication working between router 4451 interface and FTD 550x-X with FTD image, managed by FMC. Connectivity works and also OSPF adjacency is up, without authentication is used. So it'...
I have a Cisco ASA 5510 and when someone VPN's in they can't reach one of my subnets (10.0.10.X). This subnet is tied to my AZURE servers and when a user tries to do anything that will require ADFS it fails because it can't connect. If they discon...
Hi,If we use the asa 5545 at internet edge , what is the configuration best practices to get maximum throughput Thanks
Resolved! Latency through a vFTD transparent NGIPS
Hi, With a vFTD setup as an inline-set transparent NGIPS using the bare minimal settings we get huge spikes in ICMP latency for traffic going through it. The example in this post is just a test lab to keep it simple and prove definitely that it is ...
Hi,How the ips ,ngfw and threat protection throughput related to Firewall throughput And what is the difference between the ips ,ngfw and threat protection throughputThanks
