Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I'm getting dupplicate syn from our Firepower FTD. The setup is that VPN clients connect via outside (Internet) to access internal stuff. The VPN Clients get an IP from pool 10.1.1.x (for example) to access internal 10.2.2.x.Internet also needs to...
Hi,if I try to enter module 1 via telnet, I get the error message: # connect module 1 telnet
Type exit or Ctrl-] followed by . to quit.
error reading input file
# It's only possible to enter it with console: # connect module 1 console
Telnet escap...
Hi,pinging a VRF interface is not possible on FTD. Is this a feature?Pinging from VRF to somewhere works, but if you try to ping a VRF from outside, it's dropped by "implicit rule"? Phase: 5
Type: ACCESS-LIST
Subtype:
Result: DROP
Elapsed time: 122 n...
Have a similar one:Current Version:7.4.2.3-4Upgrade Version:7.6.0-113The upgrade failed to install.Database integrity check failed after schema update. The upgrade failed on Fri, Aug 29 at 7:30 UTC while running 600_schema/110_post_update_dbic.sh (Up...
I picked 1 syslog message "%FTD-4-419002: Duplicate TCP SYN from int-outside:10.x.x.x/56521 to int-inside:10.y.y.y/443 with different initial sequence number"and checked outside + inside capture. Both captures show me that there's no duplicate packet...
Thx for the capture hint. Now I see that NOT all packets are duplicated. I tried with my own client and see NO dup. So it seems that there's something special that causes dup packets ... I will troubleshoot this deeper...BTW, the NAT is done from tra...
In real, there are 2 FTDs:Scenario 1 Internet access:Anyconnect Client - Internet - FTD1 (used for anyconnect) - FTD2 (used for firewalling) - Transp.Proxy - InternetSo the 2nd FTD also see the dup syn which were created by the 1st FTD:FTD2: Duplicat...
Scenario 1 Internet access:Anyconnect Client - Internet - FTD - Transp.Proxy - Internet<<- how transp proxy connect to internet via FTD' i.e. the traffic retrun to FTD to access internet ?--> No. The Transp.Proxy has it's own Internet access
