Recent versions of FTD now support using the firewall's outside data interface for management, as an alternative to using the management port. You have to do the configuration including IP addresses from the console serial port, and there are a few ...
It looks like if you want to use syslog, there are three messages111008 - logs the command (Level 5 - Notification) - excludes "show" commands111010 - logs the command and user info (Level 5 - Notification) - excludes "show" commands111009 - logs e...
Were you trying to allow a specific URL (http://example.com/thing1.html) or just the site (example.com or 150.234.210.205)?The latter shouldn't take a URL filtering license; the Security Intelligence whitelist/blocklist can handle that.(I realize thi...
You need to check the lifetimes for the ikev2 and ipsec settings, and make sure they're compatible so everything rekeys correctly. Some of them default to 8 hours or 24 hours.
I've been trying to do similar things to build connections from ASA to Palo Alto (which only does VTI, doesn't like Cisco crypto-map.)The advice I found on the net said "Your ASA is really only using those addresses to decide what interface to send o...