Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,We have Prime Infra 3.1.0, and are hoping to send NetFlow from ASA to it, to see traffic pattern & utilization, etc.Is this supported?3.0 release notes say it's not supported:"NetFlow data from Cisco Adaptive Security Appliance (ASA) is not su...
I'm trying to apply an ACL to the SVI to block certain ports as temporary security measure.
Does traffic in the same VLAN go through the SVI, and be subject to the applied ACL, assuming the flows have to go through the L3 switch because it's in the m...
//ASA w/ FirePOWER
Several months ago I read that you can manage the FirePOWER soft module via ASDM on the smaller ASA's such as 5506 & 5515.Does that mean I wouldn't need FMC at all? (I can manage, and monitor everything through ASDM?)Has that list ...
Can ASA (specifically 5506) support "switchport voice vlan" command like on the Catalyst switches?
We have a need to allow users to connect their PC's to phones, then connect phones to the ASA ports, so that we can avoid needing an actual switch, as ...
Now that FTD & FirePOWER service module are available on NGFW platform, why & when would I need a dedicated IPS?
Wouldn't it be more cost effective to just have one NGFW that can perform multiple functions, instead of a dedicated IPS appliance, that ...
Thank you for the follow-up.
The switch has no TCAM carved to do VACL, so I anticipate if we try to apply a VACL to a VLAN, the N9K would complain there's no memory for it.
When I do "show system internal access-list globals" VACL has no memory rese...
Thank you so much for the quick response.
Unfortunately our N9K's are not configured to support VACL, so we'll need to look elsewhere to implement this block. (due to TCAM resource regions...we didn't think we'd need to do VACLs)
Thanks Marvin.
In my previous deployment, I did use an FMC, but was curious to know what capabilities you have WITHOUT it.
For example, don't AMP & URL-filter go through FMC?
Do the ASA's & FTD's just handle all functions via the local devices/sensor...
