Question: Is the IPS configuration the same for the 2911 router as the 4240 IPS? Thanks, joe.
Forum Posts
Hello All, I am trying to configure an UCS-E Box with ASAv installed on it at VMWare side. If you see the Diagram it will be more easier considering what I am thinking to execute. ISR router model is UCS-E140S-M2/K9 with in built switch install...
hi I'running Cisco FMC on VMware, what I did was in the GUI in the The Access List,removed any, replaced with my LAN ip subnet as source for: 443 (HTTPS)—Used for web interface access. 22 (SSH)—Used for command line access. "By default, access ...
Here is the setup. I have a single ASA, and single Microsoft NPS server acting as the Radius server. I would like to have two VPN group profiles on my NPS server, one for each of my two user groups. In the past, I have resorted to using two NPS/Rad...
We are doing a tracert to our internet router. The first time it takes 3 hops The first hop is the Cisco L3 core switches The second hop the firewall The third hop the internet router. The second time i do a tracert from the same machine an few se...
Hi, We are having a issue with our Firepower User Agent for AD. During the last week the user agent has stopped the service a couple of times. So this caused the mapping of the users to be lost. Looking in the agent we saw the lines pointing to the...
i have some problems about packet-tracer in ASA9.8, The asa config Static NAT and dynamic PAT packet-tracer input outside tcp IP_1 50021 IP_2 21 IS IP_1 is real address and IP_2 is Mapping address ? thanks zhixin
Hi, I am trying to learn about certificates used by the Cisco ASA, Can you please recommend a resource or document that has this information. Thank you
Hello community,sorry for my bad english,i want use function remove objects "Not Used" for cisco ASA 5515, but my team say it this can lead to bad consequences (nat, acl remove). I can not find to what exactly problems. Is there a risk?
According to NAT section rule section 2 should be processed before section 3. In my test LAB the section 3 get processed. In other words Twice-NAT (after-auto) get processed. Expected is section 2 object NAT + PAT There are two rules 1) Object...
Hi all,On of our customers added a new subnet on their side which we want to reach trough an already existing S2S tunnel. The new subnet the customer added is: 192.168.59.0/27.We're working with a pretty old ASA, with old ASA software 8.2(5)55 as wel...
Hello,I find that every 6-12 months I will log on to the ASDM and go to the Network Objects/Groups section and spend ages right clicking on each object and seeing if it is still being used and if it isn't I then delete it. It can take a long time as...
Resolved! FMC Question
Hi, I've installed my firepower from ftd management (locally) and it is working now. What happens if I add this FTD to the FMC? Is the configuration is lost or the configuration is fetched from ftd to the fmc? Thanks.
I have a customer currently running 6.2.2 FirePower code managed via FMC. They have 2 separate circuits from the same ISP with different ranges and want Circuit1 connected to Primary and Circuit2 to Secondary so that, should a failover happen, they...
I have 3 ASA 55xx-X devices which are running ASA 9.9(2) code and FP code v6.2.3.11 All devices have Protect and Control license. When they are connected to Virtual FirePower MC they are listed as unlicensed. They were properly licensed before connec...
