Hello guys, A client is asking me to implement a vpn site to site using main mode. But I have a Cisco ASA 5525 version 9.1(1) with its default value aggressive mode. I think that If I use the command "crypto ikev1 am-disable" in the global configur...
Forum Posts
We are running Firepower 2110 with FDM (not FMC), but are unable to add smart license to our locally SSM satellite. I have found this which only explain how to add the license with Smart Software Manager: https://www.cisco.com/c/en/us/td/docs/secur...
does anyone know if there is s a link to configuring l2l vpn with certification authorization?Im currently using PSK and moving to IKEv2 with cert auth. IKEv2 is working with PSK but i want to use certs
Hello all. I have made a few tests with content block and got stuck with an unexpected behavior - or a bad understanding from my part. 3D sensor runs v6.2.2.2-1, if that adds to the question. According to the documentation [1]: "The Block and Block...
Using this equipment in my home lab for study purposes.I attempted to follow instructions I have found to send the asa traffic to the ips module for inspection. I command is missing for me.Commands I input on the asa: access-list IPS extended permit...
Resolved! Doubt about OSPF Topology
Dear, I have a question regarding the attached OSPF topology. Here are some details about the topology: * The Neighbor OSPF 1 router can only learn the network route 1* The Neighbor OSPF 2 router can only learn the network route 2* The Neighbor OSPF ...
Configured a new ASA 5506-X for a client. It will connect to Cox Business when it is setup to pull an dynamic IP address on the outside interface. It will not connect to the static IP address that they have through Cox Business. It will not conn...
Hi AllThis maybe a bit of a strange request but I'm looking for the best way to create a link from one internal firewall to another internal firewall to pass specific traffic (Only ports and protocol for Mail). The only other traffic we have at prese...
Hello,I am configuring my company FMC security intelligence part. But in the available objects tab, I didn't see the Cisco feed objects as: Malware, Phishing, Bots, etc.Any one can help me? Thanks.
Hi. IPS portscan detection function blocks some packet on voice traffic and generate event (i created portscan detection to prevent nmap scannin). Could anyone tell me why voice traffic is blocked by ips?
Resolved! Firepower IPS
Kindly ask you to help me.Well, we deployed IPS on firepower and created network analysis policy to block nmap scanner. When a computer begin scanning another computer firepower blocks it and generate event. It is ok. But yesterday i saw that TFTP tr...
Hi A client of mine has recently purchased two ASA 5516-X with Firepower devices and, not being very experienced with the product, I can't seem to get it to block simple threats. Details of one of the units is in the text below, but basically I do...
Hi, In an attempt to setup Anyconnect to authenticate users by certificates instead of the more common username/password basedauthentication, i have created my own CA and issued:The root certificateThe ASA identity certificateThe client(pc) device ce...
Dear all, First off all I ‘am not a Firewall specialist. I have a configuration that is not working and I am out of options hot to fix my following strange issue. In use: One Public Subnet2 Cisco ASA's with firmware 9.xMultiple private ranges on both...
hi all i have Cisco ASA5516-X and already configured site to site vpn ? once i deploy the connection working fine and i can reach the remote hosts but after sometimes it stop working by it self after checking same day at night .. my question is do i...
| User | Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 2 | |
| 1 |
