Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have a 2504 controller running version 7.4.130. Need to create a new WLAN that is NOT put in the default AP group and broadcast on all AP's, but the 2500 is restricted to 16 WLANs, can only use ID's 1 through 16, the first 16 WLAN IDs are automat...
Hello all,We have an ASA setup to authenticate users connecting into the DMZ via Radius (ACS), and if authorized, download an ACL from the ACS.Users are timing out after about 15 minutes and have to re-authenticate. I'm assuming it's an idle timeout...
We have an odd issue which began by being unable to remotely connect to the ASA via ASDM or SSH. SSH prompts for username and password, but returns 'access denied' even when using the correct password. Logging into the console to troubleshoot, we f...
If any of you have updated your Java recently, you may have noticed a warning saying that future versions won't support self-signed certificates. I've updated my Java run-time to version to 1.7.0_51 and suddenly the ASDM stopped working (unable to l...
why would using the following statement: nat 1 (any, any) source static obj_10.30.0.0 obj_10.30.0.0 destination static obj_172.16.1.0 obj_172.16.1.0cause hosts in the 10.30.0.0 network to lose their static NAT to the outside world when not talking to...
Hi Marvin,
I know you could write a book about best practices for installing and operating Firepower, but do you have a checklist of sorts that you could share that would identify the top things to ensure are set correctly (i.e. - modify default di...
Gordon, Looks like you have the ACL's applied to the wrong interfaces. Change the access-group statements to below and it should work:int g0/0 ip access-group 101 inint g0/1 ip access-group 102 in
The line below should allow all IP traffic from inside to the voice vlan:access-list inside_access_in extended permit ip 192.168.1.0 255.255.255.0 192.168.20.0 255.255.255.0Agree with Vibhor, you should run packet tracer on the firewall to see where ...
Vagelis,First, this question is better suited for the security / firewalling forum (https://supportforums.cisco.com/community/5966/firewalling), but no worries.Assuming the two networks are separated by the firewall, you will need to add a rule that ...
Unfortunately, you'll need to have Smartnet contract(s) in order to be able to download the software from Cisco, and you'll need one for each of the technologies you mentioned.
