During the initial set up of the ASAv in Azure, I created the virtual machine, all the IP Addresses, etc. After setting up (what I thought was the correct way to do so), I cannot get the initial ASDM web page to load. It's an odd thing. Let me exp...
I had a question about the ASA's state table. I may be overthinking this!When going from a higher security level to a lower security level, the ASA keeps track of the state of the connections, which you can see by 'show conn'.However, whenever you po...
Hi I was wondering if someone could give me some assistance. I have been having some routing issues on the Cisco ASA. Firstly, this seemed to be an issue with inter-vlan routing which was causing some issues, and after some reading etc. I think that...
Hello Cisco Team, Can anyboby done Application based Rate limiting in Cisco Firepower.As far as i know it is supported in Firepower 2100.But my Concern is do i need to install SSL in all my end point machines.if so then it is practically not possible...
Hi All.. ive setup with my 3rd party bank using NAT.for example.. if i want to hit their server, i would need SNAT from my side.if they want to hit my server, i would set for DNAT from my side. how about i want to hit their server and get hit by thei...
Hello, i hope you can help me,i have 26 remote sites connect to an ASA in Guatemala Downtown, in Guatemala DownTown live 2 subnets (10.150.86.64/27 and 10.150.71.160/24) i have ready the VPN from Remote Site and Guatemala DownTown, this connection it...
So I am just doing some testing on home lab. I have a bunch of ports under a group called web-ports (see attached). Internal PC is still being blocked from accessing the net and only works if I change from Web_Ports to all IP service. Any idea what o...
Hello I have an issue with NAT configuration packet-tracer input DMZ1 tcp 192.168.141.20 1212 192.168.140.20 445 Phase: 1Type: ROUTE-LOOKUPSubtype: inputResult: ALLOWConfig:Additional Information:in 192.168.140.0 255.255.255.0 insidePhase: 2Type: ACC...
We recently moved off our older ASA5510 hardware platform is favor of a 5506-X. After the upgrade we started noticing some extremely odd behavior on the 5506 forcing us back to the 5510. On the 5510 we routinely saw 500-1000 connections per-second...
I am in requirement of double NAT (Primary and Secondary) in Cisco ASA, I need to configure single public IP to 2 different Inside Local IP address, in any case primary IP address fails, ASA should nat public IP to secondary IP. How do I achieve this...
We have just received 18 ASA 5506 swap from the 42/82 RV's installed on our customers. Currently the role of the RV is to be the LAN gateway of the AP's, Loadbalancer, and VPN with the matrix of Oi for management.Now, as we know little about ASA5506,...
Hi, I've deployed an FTDv/NGFWv in an AWS VPC, changed the firewall mode to transparent, and registered it to an FMCv. I've attached two additional network interfaces to the FTDv in the same subnet "192.168.1.0/24". Now when I try to create a BVI...
Hi,Based in the following link: https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos241/cli-guide/b_CLI_ConfigGuide_FXOS_241/interface_management.html#id_20107 in application management in FTD they have the following interface type:- Da...
Hi Everyone. I've been trying to setup a simple network which has 1 firewall, 1 switch and 2 PCs. Please see the attachment for the topology. My goal is that I want my PCs can ping 8.8.8.8 of the 'internet' switch (from my attachment). But for now,...
Greetings all, Want to ask the community if any native IOS-XE functionality exists to dynamically perform Geo-IP filtering on public Internet facing interfaces? Obviously you can do this with FirePower, but that is a next gen firewall that is design...
