Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have an HA pair using 5510s version 8.4(5). The secondary unit is currently active because the primary has an issue. When we replaced the primary (we didn't failover yet) users reported issues with several services including webmail. The time peop...
We've pointed all of our devices from ACS 4.1 to 5.3 and I see under Authentication Options > Radius > CoA port is 1700 by default. Should I change this to 1812?
Last week I disabled several rules on our ASA because the rules had 0 hits. Well one of the rules needed to be re-enabled to allow a department access to an application. It works after re-enabling the rule, but I don't understand why am I not seeing...
I'm going some cleanup of our ASA firewall access rules and I want to delete the rules that have 0 hits. But I do not know how to check when the counters were last cleared on these rules. Please help!Thanks in advance!
I was asked to create rules with the following TCP ports: 41000, 41002, 41025. Since these ports did not exists, I just created new TCP service objects. The issue is I put the those ports as source port/range and destination port/range in the Add Se...
Thanks again Jouni!I know how to remove the host from the rule - that isn't the issue. I want to know if that host that isn't receiving hits the reason that the entire rule doesn't show hits in ASDM.So basically if I remove that one address that ends...
Here is the ruleWHQ-ASA-01/pri/act# sh access-list | i inside_access_in line 205access-list inside_access_in line 205 extended permit object https any object-group DM_INLINE_NETWORK_60 0xcfce8697 access-list inside_access_in line 205 extended permit...
I just figured it out as you posted this haha. Thanks Jouni!Is it possible that the rule doesn't show any hits because of the destination ip's doesn't have any? Here is my output from CLI:WHQ-ASA-01/pri/act# sh access-list | i 153.69.200.107 access-...
I went into ASDM, right clicked on the rule, and started the packet trace.I get green check marks for capture, access-list, and route-lookup. The result is the packet is dropped with info saying: (sp-security-failed) Slowpath security checks failed
