Hi everyone My company using WSA and ASA with firepower, flow under the action of WCCP, be ASA redirect to the WSA, when the user's endpoint access to the Internet, I view the event on firepower, found that the source address is the address of the P ...
Forum Posts
i have a ASA5520 with a ASA-SSM-10 with asa version 8.2(2) and asdm 6.3 , i need to upgrade it to the lastest which is 9.1.7 and asdm 7.8.1 , my question is that can i jump directly to these versions? or is there intermediate versions?also should i ...
hi. we configured firepower that scan new detected ip host using nmap. it works as expected. but when firepower scans host it is shown on event and Initiator User seems to be netadmin. Shouldn't it only depict Unknown for Initiator user? How we could...
Hi there, I'm reading the list of topics for the IINS 210-260 exam here: https://learningnetwork.cisco.com/community/certifications/security_ccna/iins-v3/exam-topics I'm using the official cert guide and if I check Appendix B for exam updates some co...
GreetingsI've been running ASAs with Firepower services 5508 up to 5525s for some six years now and would like to know if there is some consensus out there on where the majority of ACL should be implemented. I've always had an idea of keeping the bas...
Hi , Pls tell me Is it necessary to have 8GB DRAM and 8GB Flash memory for IPS/IDS functionality to work on CISCO 1100 Series. If yes does it mean only C1111-X8P (X indicates advanced security features) is only product with IPS/IDS. We cant use C1111...
In Release Notes for the Cisco ASA Series, 9.7(x), there is a mention below:Dynamic RRI for IKEv2 static crypto mapsDynamic Reverse Route Injection occurs upon the successful establishment of IPsec Security Associations (SA's) when dynamic is specifi...
Hi guys,I would like to know does any of you have experience with Firepower 2110. I found that neither BVI (on routed mode) and redundant interface are not supported on this device. So, what the replacement would be? How to enable redundancy?Thanks i...
Resolved! cisco firewall buying - vpn sessions
Greetings,My customer is asking for a firewall with Number of concurrent VPN tunnels= 10,000 and Number of security policies: 16,000 . I am not able to find in Cisco this. Can someone please share their knowledge and experience about this? Is 2140...
Hi,I have AMP for network on Firepower 2130, have configured file policy etc and have been using this site to testhttps://www.eicar.org/?page_id=3950. Http request are blocked by AMP, however https are not, we then configured ssl decryption, import c...
Okay so in my last discussion I wasn't getting an IP address from the ISP. Now I'm getting the ISP assigned dynamic IP address on the ASA, but I'm not getting the DNS servers of the ISP automatically on the ASA. I do get the DNS servers automatically...
Somewhere in upgrading to ASA code 9.1.4 and CX code 9.2.1.2 (52) we've run into a known and as yet still open bug (CSCud54665). The symptom that we experienced was frequent failover back and forth due to 'Service card in other unit has failed'. Th...
GreetingsI'm attempting to use an ASA to route two VLANs to an outside interface that uses NAT/Port Forwarding on the outside IP to access several servers within one of the aforementioned VLANs. The following diagram shows the topology. The router...
Hello everybody,I have a ASA5505 running OS rel. 9.1(7)32.Between this ASA and the target network are two different lines, one with encryption (S2S VPN) and one MPLS line.Depending on the source IP network I need to route that packets defferently.The...
Resolved! ASA L2L session is normal ??
If you look at the L2L VPN Session, you will see nothing in the session list.The configurationone ASA5525 (headquarters) and two ASA5516 (branch offices) are connected5525's outside IP is connected to Dynamic. I attach running-config.Help me plz!!!
