Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everyone,Have a potentially interesting issue. We have a datacenter stack that is connected to a Cisco firewall which has a VPN tunnel established to the Azure destination. Inside the Azure network we have our VMs in our resource group with an ...
Hello!We have a Cisco ASA running version 9.18.4.22 that we are trying to do port forwarding on. Right now an endpoint hits the outside interface ip and should forward the traffic to one of our servers that sits on the inside interface. I had set thi...
I am trying to upgrade the firmware on ASA's we have at multiple sites but for some reason copying over the firmware fails. We are currently running FP2140's in ASA mode and whenever I copy the files over from a windows machine, it fails. I am using ...
I set up Cisco AnyConnect for a client and it is using split-tunneling to forward regular internet traffic using the home-user's ISP and traffic that is destined for our network to come across the tunnel. Recently I was asked to add a URL to come thr...
We use Clearcubes that are connected to switchports on a nexus 3k. The clearcubes connect via 1gb SM fiber SFPs to the nexus 3k fiber port. Layer 1 connectivity is there. When I do 'sh run int ethernet 1/2 status', the port shows as connected, duplex...
Yup, that's what I'm trying to do. Our current inbound NAT statement looks like this:nat (any,inside) source static ;10.1.0.0/24' '10.1.0.0/24' destination static '10.2.0.0/16' '172.1.0.1/24' unidirectionalfor the return NAT we had it written like th...
Hello everyone,I was able to figure out a way to get it to work. We used to have web servers that sat behind this firewall that we did port-forwarding too on https and had no issue. We tore those down about a year ago but kept the SFTP server. The po...
So I do have ACLs on the outside interface as well but it is still not allowing the traffic. I am not seeing any translations for that nat statement either when we generate traffic. The server knows how to reach the router, it can get out to the int...
So what we had to do since our customer doesn't have FMC was pretty janky but it worked:1. We copied the running-config to a text file (used scp to copy it to our server)2. Changed the firepower from ASA mode to platform mode (config gets wiped)3. Do...