Hi all, today I had the Problem that my ASA FW cluster told me: Lost Failover communications with mate on interface xvc Fortunately, it also told me: Testing Interface xvc Testing on interface xvc Passed Also, when i checked the Status etc., e...
Forum Posts
We're deploying two 5516Xs tonight, and I had taken for granted the config because I couldn't pre-assign IPs because they will be replacing our current firewalls that use the same IPs. So I've held off until today, and now we're staging things and ...
Dear Team, Currently we have two Site to Site VPN Connections between HO (Cisco ASA 5515-X) and Branch office(Fortinet). ISP 1(HO) Connected to ISP 1 (BO) ISP 1(HO) Connected to ISP 2 (BO) We need to achieve Redundant auto fail over of Site to Site V...
Hi everyone, I'm in need of configuring port forwarding on an ASA 5506 device using an external dynamic DNS address. My configuration is like this: Being this the scenario, I would need to access the machine 10.10.10.23 on port 22 by the address my...
Hello, I'm trying to configure a firewall rules that allow the dcerpc communication between my Active Directory server and Domain Computer. I've got some problem to push GPO from the AD because it use rpc port (port n°135) but after use a new por...
Resolved! Allowing OpenVPN through ASA
Hi, I am pretty new to ASA's, and I've been given this task to do. I've set up NAT a few times on ASDM, which seemed quite straightforward: 1) create network objects, 2) config NAT on the internal network object, 3) create an ACL to allow traffic thr...
How can I put the source port (src-port) as any in the below ASA command instead of specific port? packet-tracer input ifc_name protocol src-ip src-port dst-ip dst-port packet-tracer input outside tcp 192.168.10.10 3389 172.16.10.10 3389 cisco...
Hi, I'm generating reports on firepower for risky applications but it shows empty results "no data to display" while if I check the dashboard I can see the apps in there any idea why this is happening?
Hi, how can I create reports that shows top 10 visited URLs and top 10 users that used most traffic? I am really having hard time finding the right fields that I need to choose for reports. Has anyone done this? Thanks!
Resolved! pxGrid redundancy issue with FMC and ISE
Hi, I am testing Rapid Threat Containment with Firepower and ISE and noticed a strange issue with the pxGrid service used for communication with ISE. We are using multiple ISE nodes in a distributed environment and the pxGrid service is running on ...
Morning / evening, One of my ASA 5516-Xs has fallen victim to the timing chip bug and is now a happy boat anchor in the network cabinet. I have a replacement unit, got it to the same ASA and ASDM versions but running into a little bit of a brick w...
Is the H2 protocol enabled on the FTD 4120 appliance? If so, how can it be configured? I have been notified on our vulnerability scan the below. Vulnerability Name:Apache HTTPD: DoS for HTTP/2 connections by continuous SETTINGS (CVE-2018-11763) Des...
I'm in the process of setting up AnyConnect VPN to our ASA (5525) and in the process have realized that I'm unable to ping either of my outside interfaces from the internet. A basic rundown of my setup: Two outside interfaces - outside and outside...
Hi I have a trouble accessing my FMC, Firepower management Center because of a wrong access list that i have created. i lost the GUI access and left only CLI via my VMware console if any leads to revert my access back highly appreciated Access list...
Resolved! Two ASA migration to Firepower
Hello, My customer wants to consolidate two ASAs in one high-end Firepower appliance. I've successfully done one-to-one ASA to Firepower migrations in the past and for this case, I wanted to do the trick of consolidating both ASA configuration into...
