Any ideas why I cannot SSH from any clients on the 192.168.68.0/24 network to the inside interface IP of the ASA?namesname 192.168.68.0 Net-NY2-SERVERSname 192.168.168.64 Net-NY2-NETWORKip local pool temppool 192.168.0.10-192.168.0.15!interface Gigab...
Forum Posts
Team, We currently have about 40 sites, with each one of those sites they each have their own domain and are split between 5 different FMCs. Each site has either 1 or 2 "Internet" connections, with at minimum one of those connections is back to the "...
I have down loaded the new tool. It will not open in a Chrome or any browser. I had no trouble with v1.0.1 Anybody else run into this?
Resolved! ASA5525
can some please help me with this issue ? asasfr-boot>system install ftp://10.30.2.40/asasfr-sys-6.2.0-362.pkg Verifying 111Upgrade aborted. ASA-5525-1(config)# SH RUN BOOT boot system disk0:/asa981-smp-k8.binboot system disk0:/asasfr-5500x-boot-6....
RSA Netwitness SIEm and Firepower FTD - Logs unreadable cannot integrate with SIEM?Is there a solution to this or a configuration guide?
I have one doubt, do I have to clear the interface statistcis "clear traffic" and then take the output of "show traffic" or its to take without clearing the traffic.Below chart displays the throughput calculated without clearing the traffic rates -...
Resolved! Nat traversal
What is the exact use of nat traversal .Can anyone explain with a scenario.
Hey Champs, I just started to working on a cisco environment and I need your help for Cisco Secure ACS and Cisco Prime Infrastracture tools. How do I learn it.? Please share me the related docs file or any other materials to learn those things in eas...
Resolved! Firepower NAT confusion
Hi All, I'm currently writing a migration document to move from SOPHOS UTM to Firepower and i'm getting a little confused with Firepower NAT.Lets say i want to configure what i used to call a "masquerading" rule (NAT Overload or PAT)I create a Dynami...
So if you currently have an IPSEC tunnel allowing 10.10.10.10 to remote host 20.20.20.20 and need to allow more hosts to access 20.20.20.20.Would natting lets say the additional hosts you want allow let's say 50.50.50.50 from Inside interface to 10.1...
Sometimes I only get data on Egress interface.I use let's say 10.10.10.10 as source host to 20.20.20.20 destination on both the Ingress and Egress parts of the Packet-Capture filter in the ASDM.I will only get data captured on Egress interface. Known...
Hi, do you somebody know, how I can monitor FTD all CPU load? I know, that FTD has 2 level CPU (LINA and SNORT). I need monitor CPU load HW appliance. If snort is high load, this not mean, that FW is overloaded. Thank you for your advise.Tomas
On the ASAs (8.x) when i creare a crypto map it automagically adds:set security-association lifetime kilobytes 4608000I have been able to change the number of kilobytes but have not been able to remove this setting entirely for tunnels where we do no...
Resolved! NAT reverse path failure
I have a wan router(70.70.70.129) from where I need to access a syslog server on inside with its real ip address(192.168.1.192). I have setup an access list on outside int:access-list outside_acl extended permit udp host 70.70.70.129 host 192.168.1.1...
Hello, I am trying to setup site to site VPN with NAT ip address inside. I can ping through to the absolute destination but cannot ping through to the NAT ip address. VPN Tun inside NA...
