About tahscolony

tahscolony · 05-08-2025

Currently we have an ASA and use Secure Client 5.1.8.105 and two profiles using Alia that authenticate via 2FA. To get the correct profile, split tunnel or full tunnel a use tacks the alias on to the URL and then connects, authenticates full 2FA and ...

tahscolony · 04-11-2025

Trying to deploy both Web-Cache and HTTPS 443 WCCP to an FTD. I can get the 443 tunnel up, but not the Web-Cache, the deploy fails.Lina messages FMC >> clear session FMC_SESSION_1 accessMain-3120-SFW >> info : WARNING: This might result in parallel a...

tahscolony · 04-10-2025

One of the things discovered with the Migration tool is it assumes the Inbound for an interface is default and only recognizes outbound. I have 3 DMZ interfaces that I control traffic from servers inside the DMZ to have access to other interfaces an...

tahscolony · 04-08-2025

> test aaa-server authentication PINGid host 172.26.38.87 username adminPassword: >Attempting to test without entering the password since it is plain text AND logged, it puts a > after the prompt. Anything typed afterwards just sits, have to enter c...

tahscolony · 04-02-2025

Trying to install new FTD's in the network I found that the RPe-Filter for the FTD when used inline does not support WCCP over GRE, so instead I am putting the Ironport on a DMZ interface on an ASA. If I point the browser to use the proxy it works pe...

tahscolony · 05-12-2025

I figured it out, fat fingered the URL. Time for new glasses.

tahscolony · 04-21-2025

I am going nutz trying to get mine working. If I have the proxy coded in the browser, it works just fine, but without it, I get no where. According to https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-management-center-virtual/222...

tahscolony · 04-11-2025

Good, then I am on the right track. I weeded out at LEAST 100 ACL that are no longer needed which is making it a bit easier.

tahscolony · 04-09-2025

The log from PINGid server is showing NAS-IP-ADDRESS: 0.0.0.0 instead of probably the inside IP that it should source from. When same test is run on the ASA it shows the inside IP of the ASA. Is this just normal behavior, or is something misconfigur...

tahscolony · 04-08-2025

Thanks Marvin, that was it. I'm testing successfully, however, one thing noted in logging is the NAS IP is all 0's, 0.0.0.0. How do I get it to report the inside IP that it is sourcing from?

Member Since	‎05-26-2015 09:41 AM
Date Last Visited	‎05-12-2025 11:12 PM
Posts	200
Total Helpful Votes Received	21

User Statistics

User Activity

VPN with Alias on FTD

WCCP Flex config Fails

Bidirectional ASA ACL to FTD ACP

Testing Radius via FTD CLI issues

WCCP on a stick not working Ironport and ASA

Re: VPN with Alias on FTD

Re: WCCP Redirection on Firepower FTD 2110

Re: Bidirectional ASA ACL to FTD ACP

Re: Testing Radius via FTD CLI issues

Re: Testing Radius via FTD CLI issues