i have some problems about packet-tracer in ASA9.8, The asa config Static NAT and dynamic PAT packet-tracer input outside tcp IP_1 50021 IP_2 21 IS IP_1 is real address and IP_2 is Mapping address ? thanks zhixin
Forum Posts
Hi, I am trying to learn about certificates used by the Cisco ASA, Can you please recommend a resource or document that has this information. Thank you
Hello community,sorry for my bad english,i want use function remove objects "Not Used" for cisco ASA 5515, but my team say it this can lead to bad consequences (nat, acl remove). I can not find to what exactly problems. Is there a risk?
According to NAT section rule section 2 should be processed before section 3. In my test LAB the section 3 get processed. In other words Twice-NAT (after-auto) get processed. Expected is section 2 object NAT + PAT There are two rules 1) Object...
Hi all,On of our customers added a new subnet on their side which we want to reach trough an already existing S2S tunnel. The new subnet the customer added is: 192.168.59.0/27.We're working with a pretty old ASA, with old ASA software 8.2(5)55 as wel...
Hello,I find that every 6-12 months I will log on to the ASDM and go to the Network Objects/Groups section and spend ages right clicking on each object and seeing if it is still being used and if it isn't I then delete it. It can take a long time as...
Resolved! FMC Question
Hi, I've installed my firepower from ftd management (locally) and it is working now. What happens if I add this FTD to the FMC? Is the configuration is lost or the configuration is fetched from ftd to the fmc? Thanks.
I have a customer currently running 6.2.2 FirePower code managed via FMC. They have 2 separate circuits from the same ISP with different ranges and want Circuit1 connected to Primary and Circuit2 to Secondary so that, should a failover happen, they...
I have 3 ASA 55xx-X devices which are running ASA 9.9(2) code and FP code v6.2.3.11 All devices have Protect and Control license. When they are connected to Virtual FirePower MC they are listed as unlicensed. They were properly licensed before connec...
Hello,We are updating ssl certificate on secondary ASA.The CA also needs updating, hence the CA is first put in under CA certificates.Adding it , the error shown is "if ASDM sends configuration to this Standby ASA, thestandby will not forward the co...
Hi all , we have Cisco ISE distributed deployment , i want to do auto upgrade via GUI . i know the process but my question is can i pause the Upgrade after 3 personas upgrade done ? and resume the upgrade after one day for remaining 3 personas ...
Resolved! NGFWv deployment in Azure
I'm deploying NGFWv appliance in Azure. Since the license model in Azure is BYOL, what specific licenses or PAKs do I need to buy to utilize this appliance in Azure. I couldn't find detailed information online. Thank you.
Hello peopple, I configured the Cisco ISE to authenticate in the company's switches validating through TACATS Server. The problem is that after a while, I can not validate on the switches and it shows me the message "Authenticat...
Hello Community, I have a ASA with a local VPN Pool where the VPN users get their IP-address. Is it possible to advertise this network in the bgp process? Thanks and regards,Philipp
I have eStreamer setup to forward logs to our Splunk instance; however, I am not receiving any packet data. In the TA-eStreamer setup I have "Packets?" checked.In the FMC eStreamer Event Configuration, I have "Intrusion Event Packet Data" checked. Si...
