Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are moving from an ASA5545-X to an FTD-2110 (in FTD mode). On the ASA, we can define the VPN group policies per user in the LOCAL user manager. Is there a place to do this on the FTD? I have not been able to locate this, and I am trying to prevent...
Is it possible to use VRRP with 2 different interfaces on the same router? The hope is to use 1 4451-X with 2 interfaces going to a switch stack so that if a link fails the VRRP will allow the traffic to use the other interface elsewhere in the stack...
We are deploying Cisco ASA FTD firewalls and each site has dual internet with static IPs. We are wanting to create a VPN between the sites with the ability to failover to the backup internet. We have an ASA-5508-X at the main location, and ASA-5506-X...
We have a Firesight manager 6.0.1 and an ASA 5545-X running 9.5(2)5.
We are trying to create a remediation that will add an object to the ACL named "Blacklist"
The object would be the Source IP. I would like it to add the objects name as: Sourcefire-...
We have purchased an ASA 5506W-X, and want to have the wireless clients on the same network as the wired clients. The built-in wifi AP is off interface gi1/9 and the wired are off gi1/2. I have even tried creating a new interface VLAN 2 on gi1/2, but...
Thank you for the information. It is unfortunate that Cisco decided to remove that function from the LOCAL AAA and force the use of LDAP. It was nice only have to worry about 1 box, but I will have to create a VM for some type of LDAP server. Are the...
I understand the Cisco Support does not support custom remediation modules, but the documentation does seem to show the ability to create custom remediation modules:
http://www.cisco.com/c/en/us/td/docs/security/firesight/540/api/remediation/FireSIGH...
Yes, this is correct. I have other VLANs on the 4451X that need to default route to 10.10.48.1, but the 172.31.0.0/23 will default route to 10.10.48.15
Thank you all for replying. The reason for the one-to-one NAT is due to the fact that outbound traffic must appear from that specific IP address. With a one-to-one NAT all traffic is permitted to the inside host. To curb this, I was trying to create ...
