Snort IPS document said that Configures an interface and enters interface configuration mode. Configure a VirtualPortGroup interface. This interface is used for management traffic when the management interface GigabitEthernet0 is not used. for exampl...
Forum Posts
Hello all,I am pretty new to the ASA and I was thrown in the fire. I have learned a lot done a bunch of training. But still running into questions I can't seem to find the answer to. Currently the device I have shows as a NGFW not an NGIPS. I've b...
Hi! I own a Cisco RV345 Dual WAN Router and currently I'm facing kind a strange problem, where i don't know the reasons: I have a fixed external IP from my ISP (assumed 1.2.3.4). Inside my network i have 2 VLANs. Only one WAN is used and active. When...
Hi all, I'd like to ask you if you have experinced in your setup usage of inbound and outbound ACL applied to the same interface of course in rights direction? I'm asking because usage of outbound ACL (direction out) is quite rare I would say.Let's s...
Hello, I am trying to filter DNS request from VPN Clients calling for "_cisco-uds._tcp.*" but when I did the obvious from the Connection Events Tab and trying to add the domain to the global blacklist it says that it is an invalid domain. Privious...
Hello, I need to perform an FXOS upgrade on our FPR4120 nodes which are configured as a cluster. (as preparation to upgrade FTD) According to the documentation: I have to start with the slave node then switch master/slave roles and then upgrading ...
Resolved! Firepower 4110 reachability
Hi. I have a Firepower 4110 device which my colleague has reset its password. Now we can ping its management IP address but cannot connect to that IP address via HTTP(s)/Telnet/SSH. Even I didn't managed to connect to that IP address while I attached...
Hi All, We currently use a variety of ASA's of the 5512,5515 and 5516 variety to segregate non internal networks. These inner firewalls run DHCP Relay to our DHCP servers in the inside network, so DHCP requests would leave the relevant device, trav...
Trying to load a config. We login to the device, enable and conf t. None of the commands are working. We just get an errorERROR: % Invalid input detected at '^' marker. And nothing in my config is there. Example commands would be ip, name, etc... Th...
Hi All Just curious if anyone has encountered the similar situation before. I have configured the FMC's Management/Audit logs to be sent to a SIEM via syslog. (System > Configuration > Audit Logs) The problem I have encountered is that the user...
I upgraded my FTD firewalls to 6.3 and the old configuration for getting traceroute to work is no longer valid. Does anyone know how to get traceroute working on 6.3+ code?
Hi Everyone,Does config below ASA1(config)# nat (inside,outside) source dynamic any interfaceWill do the PAT when source is any IP from inside interface of ASA and going to any destination IP address?RegardsMAhesh
Hello experts, I am migrating from SRX to ASA5516-X and I need to apply a lot of configs to the new box (network and service objects). I searched online to find a solution to my problem but unfortunately nothing came up. The cli is usesless and web u...
From the ASA, if y ou do sh crypto ikev2 sa, it show the following below. Are all the child SA just allowed subnets on the tunnel? Session-id:2758, Status:UP-ACTIVE, IKE count:1, CHILD count:14 Tunnel-id Local Remote Status Role1682665127 X.X.X.6...
Running a debug but for a particular IPSEC VPN shouldn't cause much of a degradation and/or impact on performance correct or possibly? The following is all I would need to enter? debug crypto condition peer www.xxx.yyy.zzz
