Hello , I have a Firewall 5545 and i would like to take output for each NAT translation (Nat Table). Can i have some help on this please ? I tried "show xlate" command but i have no output. Do you have any other idea ? Thanks , George
Hi All I have been given requirements by out it staff that they need to configure a server with a public IP address , This would not have a NAT , Can any one explain if its possible to protect this server behind our firewall ? As this will be on t...
Hey Folks, were trying to move DHCP off of our Firewall right now over to our Server that is running DHCP. I take it that as long as we have identical scopes including the reserverations and changing lease times for our machines to get new DHCP lease...
Hi, We have ASA pair configured with Act/Stby. failover cables are connected via a switch as both units are located in two different locations. We have one issue when primary unit become active and reload the same box (primary unit) get always comes ...
I am still leaning the cisco ASA and need some help with my tunnels. I was able to stand up and connect a VPN tunnel to my site successfully. The tunnel connects without issue and seem to be reliable in that it stays connected. One end is a Palo Alt...
Hello, I have been trying to analyse existing traffic on an ASA and need to figure out active (not stale) xlate info. If I issue 'show xlate' , it gives me: Global 192.168.1.1 Local 172.16.1.1 So, how do I find out that if this entry is actually...
Hello, Can someone shed some light on the following questions please? 1. What is the scope of show conn table? a. all connections through the ASA b. from lower security level to higher security level c. from higher security level to low...
Dear Team, I have a strange problem with VPN site to site ASA one way the VPN is up with transmit and receive traffic showing the other way the VPN is up with transmit only I tried to recreate the tunnel on both sides but still the same the proble...
Ok, this is my first venture to the cisco boards to ask a question. I have an issue where I have 2 subinterfaces on an ASA with the same security level (100) and same-security-traffic permit inter-interface, same-security-traffic permit intra-inter...
Dear reader/s, I have been asked to investigate the attached. This seems like a http flood attack to me. Please correct me if i am wrong. I have enabled http inspect on the ASA under default global_policy. Can you please suggest...
Hi Team, We have 1 sensor , it’s interface is down from long time. Though we can access the device since Ethernet cable is connected however we can’t see link on any interfaces. We have tried all possible things (swapping cable, swapping interface po...
I am getting below error in FP9300 chassis while trying to connect to smart software satellite server.We have locally installed satellite server.Generated a new token and import in FP9300.Also changed call home link to https://ip address:8443/Transp...
Hello, I recently made a deployment and created only Inside--->Outside Access rules with file and intrusion policies. My question is should I also create Outside--->DMZ rules with IPS to prevent inbound attack?
Is this right: According to the attached figure, there is no Network Discovery performed with a rule set for Monitor, even if the Network Discovery Policy included the subnet of the workstation involved in the connection? Thanks.
hi all, i just need a quick confirmation. i got a site that will use ASA 5525-X to PAT internal users to internet and establish a site-to-site IPSec VPN to HQ using a single public IP address on the WAN/outside interface. i usually get a /30 public W...
