Hello, somebody can help me please, I need to monitoring Delay from my Core to remote site with IP SLA in Cisco Prime. I need to know if when I create the new Monitoring Policies I would use CISCO-IPSLA-ECHO-MIB or CISCO-RTTMON-MIB for this task and ...
Forum Posts
Is IPv6 multicast routing supported on the ASA 9.8 platform? I know it is supported on IOS but I'm not sure whether there is any form of support (full /limited) on ASA. Thanks
Resolved! Appliance sizing tool
Is there a tool or calculation guideline one can use to determine the basic throughput needed for an environment. For example, using the size of the Internet Connection speed, number of internet users, gateway throughput with basic NGFW filter exclud...
Resolved! Lina configuration deployment issues
Hello, I'm trying to apply a FlexConfig configuration for modifying the TCP timeout for some connections but every time I deploy it I get an error when the Lina configuration is applying: firepower >> error : ERROR: Unable to assign access-list CSM...
Hi there, I'm trying to see what traffic is hitting this particular rule: access-list X line 1 extended permit tcp object-group SRC_X object SRC_X log debugging interval 300 (hitcnt=323) 0xb7788b5f access-list X line 1 extended permit tcp x.x.x....
I have 2 questions. 1. Is there a reason to have network objects created in a separate domain away from global if all our administrators have access to all domains? We are only separating them to get visibility separated in the dashboards and alerts....
Hello, I am unable to load the asdm from my workstation anymore. It has been awhile since I have used the ASDM on here because i usually just use putty to make changes. I am however tying to setup a VPN connection and need into the ASDM. Is there a...
Hello community, I am trying to inspect some traffic and I am facing some troubles. 1.- Traffic is being sent using multicast. Does Firepower inspect that flow? It seems that it does but I can't show it as an event. UDP RED_TRANS_1 239.3.31.20:4021 ...
Is there any way, or has anyone had any luck coming up with a working solution with the current verison of FTD for dynamic access policies on VPN Anyconnect clients using FTD firewalls? Can you use a DACL with ISE or a Radius server? Can you use LDAP...
ello Everyone, We have a plain ASA (no ids/ips, firepower), we want to determine if the device is being port scanned. Did some quick scan (nmap) and all i see by filtering the device that im scanning it from is this %ASA-4-313009: Denied invalid ...
Hi all, We are planning to deploy Meraki SD-WAN solution and each branches will have two links, one is a MPLS link and one is a Internet link. The requirement is to have direct Internet access for Office365 traffic only at branches, and the rest ...
I have a pair of ASA 5510s configured in active/standby mode. I have already configured the failover settings on the firewalls. Both firewalls are connected to a 2960G. I made a change to the interfaces on the 2960 to allow 2 mac addresses on each po...
Hi I´m trying to allow direkt Internet Access for certain applications in our branch office. I´m using Zone BAsed Firewall on the router. Is there a way to use NBAR2 application detection inside the class map ? If i use a class-map type inspect i...
Hi Experts, We've multiple ASA's with the CSM (Cisco Security Manager) and not all firewalls are CSM managed. Is there any way to find from ASA CLI that device managed by CSM...
I am trying to figure out how to scan a FirePower 7020 with Nessus, more specifically with Tenable Security Center. I have the admin account info...but when logging in via SSH, you must first enter EXPERT command before NESSUS can run it's plugins. ...
