ello Everyone, We have a plain ASA (no ids/ips, firepower), we want to determine if the device is being port scanned. Did some quick scan (nmap) and all i see by filtering the device that im scanning it from is this %ASA-4-313009: Denied invalid ...
Forum Posts
Hi all, We are planning to deploy Meraki SD-WAN solution and each branches will have two links, one is a MPLS link and one is a Internet link. The requirement is to have direct Internet access for Office365 traffic only at branches, and the rest ...
I have a pair of ASA 5510s configured in active/standby mode. I have already configured the failover settings on the firewalls. Both firewalls are connected to a 2960G. I made a change to the interfaces on the 2960 to allow 2 mac addresses on each po...
Hi I´m trying to allow direkt Internet Access for certain applications in our branch office. I´m using Zone BAsed Firewall on the router. Is there a way to use NBAR2 application detection inside the class map ? If i use a class-map type inspect i...
Hi Experts, We've multiple ASA's with the CSM (Cisco Security Manager) and not all firewalls are CSM managed. Is there any way to find from ASA CLI that device managed by CSM...
I am trying to figure out how to scan a FirePower 7020 with Nessus, more specifically with Tenable Security Center. I have the admin account info...but when logging in via SSH, you must first enter EXPERT command before NESSUS can run it's plugins. ...
This will hopefully be a very easy question for someone who normally works within the FirePower Management Center. We currently have a couple of servers opened up to the outside world for RDP connections by our employees; I know this isn't a good pr...
I have been trying to configure 2FA for the ASDM UI for our ASA 5512-X. There has been no success and it seems that there is no software solution. Yes, there is 2FA for Any Connect and for VPN, but not for an administrator using ASDM. This is somethi...
I'd like to purchase the botnet license feature for my 5508, however, I've been unable to find it. On CDW there are many licenses for every other model, but not the 5508. Is another model's license compatible with the 5508?
I recently upgraded firepower 2100 FTD to ASA. But in ASDM there is no any tab for firepower configuration. Does this option support for FP2100 ?
For reasons that dont have a happy explanation, I am running 8.2(5) on a 5505 along side ASDM 6.3.1. That works well enough for what is a home lab to study some abomination that exists elsewhere that runs the same code. Ask no more about the why, I b...
Folks, I have an ASA and would like to see why my ipsec tunnel is not coming up.I enable logging. and then type in "debug crypto isakmp", but see nothing, in old pix could, it was so easy to troubleshoot but with 7.x code is there a good command...
Resolved! FTD and AD sync with user agent
I'm trying to use the AD user integration to allow certain groups to access Facebook and deny others. I realize I need AD integration with the user agent for firepower but this is a standalone FTD with no FMC as the documentation for this setup shows...
Hello all- Need to setup a NAT based on destination port ASA 9.6.4 Source 202.1.1.18 routing to 202.1.1.17 on inteface vlan419int if destination port is 12154 need 202.1.1.17 to NAT TO inside interface host 192.168.1.10 if destination ports are 121...
Resolved! Firewall 5506-x blocking all DNS queries
Hi all I am observing my firewall 5506-x since a month that after 2 or 3 days, firewall suddenly stop resolving DNS queries and all internet traffic stop. while in this situation IP communication remain OK which means i can ping/browse across the fir...
