Hi, I've published a new FTP over TLS server with Windows 2012 R2 and behind an ASA 5515-X. I'm using Passive mode so I configured ports 21 and the range for PASV to permit FTPS traffic. These are the results: ASA outside IP (Labs network) is x.y...
Forum Posts
Resolved! FTD Rule Logic for URL Filtering
Hi All, I have been running into an issue with setting up rules in FTD specifically involving URL Filtering. If I create a rule set like below: Seq | Source int | Dest int | Source Add | Destination Add | Port | URL Categories | Action 1 ...
Hello All. Looking for some help with a S2S VPN tunel. The Phase 1 is up but I am unable to pass traffic, cant seem to find the issue. Here are my configurations, any assistance would be helpful. Here is my spoke ASA 5505 config.ASA Version 8.2(5)!ho...
Can you still give the mgmt interface and IP address and use it for out of band mgmt ssh access even though the ASA has an SFR module?
Hi All, I am planing to replace our existing firewall and fortigate with CISCO 5525x, currently both are used only for internet trafficfirewall is just for security and the fortigate manages the user data usagewould like to know if it is possible to...
hi everyone,for some reason, my ASA lost the ios image, so i want to recover. what I did:in rommon mode, BUT !!! too slow, I suspect the rate is 9600 only, even I used the gigabit portif I upload a bin file which over 100M, it will take days......thi...
For ASA Firepower version 6 reporting, I scheduled a report and configured all details, I also mentioned that if there is no data still attach the report. However when I get the report at scheduled time I get without any attachment with body Schedul...
Hi; I'm trying to configure remote access VPN to Cisco FTD 6.2.2. My internal RADIUS is ISE 2.4 (patch 5). The remote access VPN establishes successfully; but some interesting things happens: I get double logs on ISE, one shows failed attempt and...
Hello. With the "stock" settings on an ASA5506 (firmware 9.8.2), I have noticed that there is an open TCP port 5060 on the WAN interface when I scan it using NMAP or any other network scanner. I see that this is usually used for the SIP protocol. I a...
Resolved! ASA5505 - Need help with port forwarding
Hi everyone,I have been struggling to get port forwarding to work on my ASA5505.So far I have setup an ACL to permit the port traffic and NAT rule to forward to port to the specific host.Packet tracer in the ASDM shows that the packet is allowed. How...
When scripting on a router to translate the following network's addresses to 192.168.x.x/24 addresses, which commands should be used? 172.16.4.0/24 to 192.168.1.0/24 The NAT pool is for the entire network.This can exclude the ACL statement since I kn...
getting the following error when running vulnerability scan: missing the "httpOnly" attribute.. The flaw is due to a cookie is not using the 'httpOnly' attribute. Thisallows a cookie to be accessed by JavaScript which could lead to session hijacking...
I see that as of ASA 9.10(x), Firepower can no longer be installed. 1. Is FTD still supported? 2. How long will the Firepower 6.2.x be supported on the ASA? 3. Do any low cost options (<$2000) exist that support Firepower? 4. Is a new model replaci...
We have a server that runs a script to block traffic from certain non-US countries. Every night it emails a list of the connections it had to block. We purchased FirePOWER - and configured GeoBlocking - to Block/Reset connections from those same c...
On an ASA I am getting ambiguous command errors on show commands. For example, this happens with "show route summary" and "show route eigrp". I am seeing this on a 5512 firewall running 9.4(4)5 and a 5515 running 9.4(2)6 I have an additional 5515 a...
