Network Security

FMC TO FTD latency is accepted ?

Hi Team We need to manage the firewall in different geographical location with the management server(FMC) in our DC. My questioned are : - 1) what is the acceptable latency in ms is accepted to manage the appliance and pushing the policies ? 2) If ...

ASA 5506-X PAT,NAT,ACL Single Public IP

I'm having a confusing moment configuring static NAT with a Single IP address. I want to allow TCP-1723 traffic through to a server on the inside interface, while using a single IP address for this static NAT and PAT from inside to outside. So for...

DHCP Relay problems

Hey guys, so last weekend I had a problem when implementing 2 Cisco 5508X ASA's. I had the routes correct, the VLANs being trunked, mac addresses on the interfaces and even thousands of hit counts on my rule sets. Only problem was that I was not ge...

STREAM5_NO_3WHS events

Hello, I have events from this preprocessor signature STREAM5_NO_3WHS I just read online that is triggering when the 3way handshake is not completed. Do you have more info o documentation? Thank you R

ASA 5506 - vpn up but no local internet

Hi All, I'm trying to set up an asa5506-x with 3 local lan's and one of the lans connected via site-to-site vpn to azure I have got the local configuration working ok. And after some trial and error have got a VPN config that works in as much as the ...

Resolved! Implementing DoS sevice-policy on ASA 5525-X v9.8

I am looking to implement a service policy to protect against DoS SYN attacks. I have this config that I'm planning to apply (see below). Question is, it better to apply it to the outside interface (where no policy currently exists) or to the globa...

Resolved! FMC - NTP Authentication

Hello, How can I configure a key in FMC to connect to a secured NTP server? There is no option to configure it in System > Configuration > Time Synchronization or am I blind? :) Thank you, S.

Questions - crypto key zeroize rsa

I would like to remove the Default-RSA-Key from my HA ASA 5525-X with FirePower, as it was only created with 1024 bits, but I have a few questions... If I use the command "crypto key zeroize rsa" will all the keys get removed or just the default? ...

Resolved! Doing HA in FTD trial license period

Hi all is it possible i do the ASA FTD in HA (active-passive) during the 90 days trial license period, whilst waiting my maintenance team doing the smart account for it? Thanks Noel

Cisco ASA 5505 IPv6 Configuration

Hi, I have the following interfaces on the firewall: !interface Vlan2 nameif outside security-level 0 ip address PublicIPaddress 255.255.255.248!interface Vlan717 nameif inside security-level 100 ip address 192.168.X.1 255.255.255.0! object netwo...

asa 961 upcoming sched

Hello all, This might be a stupit question, but I was wondering, when I enter Show Licence all theres an Upcoming Scheduled Jobs: Column which I am not sure what this is. Anyone? Thank you

Allow LAN traffic - site 2 site vpn - Urgent

ISSUE: I have a site 2 site vpn tunnel but LAN traffic is not passing: e.g. ping, rdp. 1. on restarting the asa firewall I cannot see the tunnel coming up in ADSM: Monitoring --> VPN --> Sessions - before I could see the tunnel up, do I need to ...

Resolved! Does ASA5506 support EAP-TLS for IKEv2 remote-access?

I have an ASA5506 configured as an IKEv2 remote access VPN using certificate authentication, and am trying to work around the horrendously broken IKEv2 client on an iPhone 8. At the moment, it only supports using certificates with EAP-TLS; plain cert...

Resolved! NAT backend behind inside routed network for outside access

the scenario is this , asa running ios 9.8 , with public internet interface, lets called INET_IF , then as an internal interface a INTERNAL-10.68.89.210 255.255.255.192 ( asa ip is 210) , then , behind this network, and via a gateway, i can reac...

Resolved! ASA-5505 Transparent mode

I have the need to harden 3 legacy servers and the ASA-5505 was picked for the solution. I want to start by allowing traffic pass and then add ACL's to gradually increase the security. The ASA will be in the middle of the network, that is why I like ...

Network Security

Forum Posts

FMC TO FTD latency is accepted ?

ASA 5506-X PAT,NAT,ACL Single Public IP

DHCP Relay problems

STREAM5_NO_3WHS events

ASA 5506 - vpn up but no local internet

Resolved! Implementing DoS sevice-policy on ASA 5525-X v9.8

Resolved! FMC - NTP Authentication

Questions - crypto key zeroize rsa

Resolved! Doing HA in FTD trial license period

Cisco ASA 5505 IPv6 Configuration

asa 961 upcoming sched

Allow LAN traffic - site 2 site vpn - Urgent

Resolved! Does ASA5506 support EAP-TLS for IKEv2 remote-access?

Resolved! NAT backend behind inside routed network for outside access

Resolved! ASA-5505 Transparent mode

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

FMC Instance not registered with this management centre

Cisco FTD Migration from 4100 to 4245

My CSLU(Cisco Smart License Utility) can't login into Cisco.

same question, same issue, Intervlan routing not possible at FTD

Migrate from FMC virtual 300 to FMC virtual

Where is the FTD/Anyconnect/Cisco secure client Compatibility matrix?

ASA 9.14.4.24

FTD and FMC backup creating a sf-storage folder

Route Based VPN FTD

Multi instance 3120 FTD - Each instance in different FMC Domain