Hi,
Is there any solution guide available to integrate FMC events, connections and host maps so that everything is sent to the Stealthwatch Collector/SMC?
Is this possible? Please let us know.
Is NetFlow collected only from routers/switches/firewalls, not Firepower?
Thanks. Understood now.
My purpose was solved. Now we are successful with Firepower services without configuring anything else on the ASA in the network.
Hi,
We will be doing a POV for ASA Firepower services (ASA 5506X) and came across a question about deployment. Our goal is not to touch or impact the network, and to introduce the ASA Firepower services into production in monitor-only mode to analyze traffic. We knew that the ASA needs to be in transparent mode for this.
My question is: can we just change the ASA mode to transparent and assign an interface for Firepower traffic forwarding, with nothing else on the ASA, as we want to use only the Firepower services?
My core switch has a connection to the Internet router, and I do not want to put the ASA in the path using transparent mode. Just SPAN from the switch to ASA Firepower? Can this be done? I do not want to use the ASA at all...
Ravi
We managed to upload using action codes 350 and 352, but authorization is still not working. Authentication is fine. Bluecoat AV keeps prompting for credentials. Below are the ACS screens after uploading the UDV VSA. Please suggest.
Hi,
We have Cisco ACS version 4.2 running and would like to integrate it with Bluecoat AV for management user authentication and authorization using VSA attributes. These attributes are not available in ACS by default; details are in the attached file. So we are trying to use the accountactions.csv file with RDBMS sync to upload these VSAs into ACS, but unfortunately it is not uploading. Below are the ACS error logs from the upload. Also attached is the CSV file which we tried. Could someone please look into this and suggest?

Date Time AAA Server status-class text-message
18/12/2012 15:37:57 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 0 process error(s)
18/12/2012 15:37:57 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="BlueCoat" V2="" V3=""]
18/12/2012 15:36:06 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 0 process error(s)
18/12/2012 15:36:06 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="BlueCoat" V2="" V3="14501"]
17/12/2012 22:54:00 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 1 process error(s)
17/12/2012 22:54:00 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="Blue-Coat-Authorization" V2="" V3="0"]
17/12/2012 22:50:59 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 0 process error(s)
17/12/2012 22:50:59 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="Blue-Coat-Authorization" V2="" V3="0"]
17/12/2012 22:43:32 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 0 process error(s)
17/12/2012 22:43:32 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="Blue-Coat-Authorization=No-Access" V2="" V3="0"]
17/12/2012 22:41:27 CISCO_ACS ERROR Sync complete: 1 transaction(s) 1 parse error(s) 0 process error(s)
17/12/2012 22:41:27 CISCO_ACS ERROR Parse Error: Reason - Value has incorrect format [SI=1 A=163 UN="ndalg50" GN="" AI="" VN="Vendor-Specific" V1="Blue-Coat-Authorization =No-Access" V2="" V3="0"]

Regards,
Ravi
I remember sysopt is enabled by default and can see it is present.

SAA-S2S-VPN# sh run all sysopt
no sysopt connection timewait
sysopt connection tcpmss 1380
sysopt connection tcpmss minimum 0
sysopt connection permit-vpn

At the time of the issue, they pinged the protected IP but got no reply. The ASA was reachable. I am wondering why the router keeps sending ESP packets while there is no phase one on the ASA. We are trying to increase keepalives.
We will check about the upgrade, but we need to know the cause before proceeding, as we have many tunnels and should do it with no downtime. And it's not the same length of time; sometimes it goes down every two days. It's been two days now since the reset was done. The tunnel went down suddenly during normal working hours, and this is 24/7, as the IT helpdesk works through the tunnel remotely. As far as I know, keepalives should check for this by default using DPDs. The syslog message recommendation is confusing. How do broadcasting services come into an IPsec L2L tunnel? The packet is ESP. The discard is not by an ACL. Correct me if I am wrong. Any help?
Ju: The known bug does not affect our IOS version. And if we upgrade (8.3 or 8.4 or 9.0), we may need to change some configuration related to NAT?
Safu030: Tunnel configuration is fine.
ASA version: 8.2.5. I think this is the last version in the series with the old NAT configurations.
We use the ASA only for site-to-site tunnels.
Situation: We see these messages from only one peer router, and at the same time they (the router end) see the issue only with us. All other tunnels work fine for both parties. Can we check something from the router side?
Dear All,
We have an L2L tunnel between an ASA 8.2.5 and a Cisco router. Recently we have seen the tunnel going down, and the ASA shows messages about ESP packet discard. Below is the message.

%ASA-7-710006: ESP request discarded from x.x.x.x to outside_int:x.x.x

At the same time, the tunnel shows as up from the router but not on the ASA. We see CSCso50226, which matches our issue exactly. As a workaround we were resetting the tunnel from the router. It comes up and runs for a week. Could someone please look into this and help?

Regards,
Ravi