Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All, I've been trying to figure out how the security intelligence feeds are applied/used. On the FMC, if I go to Objects > Security Intelligence > Network Lists and Feeds, I can see the Global Block/Don't Block lists and then the 2 default Cisco f...
Hi All,
I have a VPN between a local and a remote site. The local network is 1.0.0.0/8, the remote networks are 2.2.2.0/24 and 3.3.3.0/24.
The VPN is configured that the remote site protected networks are 2.2.2.0/24 and 3.3.3.0/24, but the local prot...
Hi All,
I have a quick query regarding AAA IP assignment for Anyconnect clients:
A little backstory; the client currently has Anyconnect remote access configured using a AAA radius server for authentication and a local IP pool on the ASA. My predece...
Hi All,
I have a query regarding NAT operations over a VPN. I've been referring to various guides but I'm still a little confused. As I understood it, an identity nat/nat0 rule is required to prevent the traffic being natted out of the external inte...
Hi All,
I'm having some issues getting a DHCP address allocation for an Anyconnect VPN client. The network layout is as follows:
AnyConnect Client -----------> ASA -----------> Router ----------->DHCP server
I can ping the DHCP server from the ASA ...
Hi MHM, thanks for the response. It was actually the Rayka video that brought me here in the first place.
I can see the feeds in object management, but it is not clear where/how these feeds are used. If I go to the security Intelligence tab in the a...
Thanks Phillip, One final question, do I need another NAT on the local firewall to NAT inbound packets back to the correct address like this:
nat (outside,inside) source static 3.3.3.3 3.3.3.3 destination static 2.2.2.2 1.1.1.1
Hi Rahul,
I tried the first two debugs you mentioned and got some useful info:
DHCP: DHCPProxy_requestDHCP: Cannot enable DHCP Proxy on an interface running DHCP Relay, Relay Server, or Server.DHCP Proxy Request failed.
That seems to relate to this ...
