About Nikolaos Milas

Nikolaos Milas · 11-05-2025

Hello, We have an FPR-2130 pair (Active - Standby) and I recently see increased ASP Drops (see attached image). It is supposed to be "Flow Denied by access rule, Flow Denied by configured rule".We need to understand better what this is about.How can ...

Nikolaos Milas · 10-10-2025

Hello, We have a pair of FTD2130 behind a pair of routers (border routers for the campus, running BGP). This is Campus A (main campus).The topology is described briefly below:The FTD pair (running v7.2.10.2) is in Active-Standby mode; it serves as Fi...

Nikolaos Milas · 12-10-2024

We have a router connected to our ISP.There are internal private networks like: 10.230.230.0/24, which are NAT'ed over the ISP connection. (See configuration below.)Over the ISP connection we also have two P2P VPN tunnels, providing access to devices...

Nikolaos Milas · 09-20-2024

Hello,I am on FTD2130.I have configured various interfaces with their respective subnets and they are advertised successfully over OSPF.I want to advertise over OSPF a subnet which includes public addresses to be used as NAT gateways (for various pri...

Nikolaos Milas · 06-08-2020

Hello, Can you please clarify whether AIR-AP1832I-E-K9 access points are compatible with Catalyst 9800-L wireless controllers? At https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html Table 4 we can see compati...

Nikolaos Milas · 11-05-2025

Thank you for your prompt reply; I have been able to get data. I see large numbers of flows from the same IP Address (obfuscated below as abc.def.ghi.jkl because it's public) like: ...416: 13:33:23.149238 802.1Q vlan#40 P0 abc.def.ghi.jkl.60463 > 255...

Nikolaos Milas · 10-16-2025

Thanks. Yes, I was referring to the incoming traffic. I understand that it does not make a lot of sense to inspect outgoing traffic so thoroughly in the first place. It's the incoming traffic that is mainly causing risks.

Nikolaos Milas · 10-16-2025

Thank you for the hint. So, for SSL Inspection do we need to provide to FPR2130s the private key of each and every SSL Certificate of the hosted domains to be inspected?

Nikolaos Milas · 10-16-2025

Thank you very much for the quite enlightening details you have provided. We can now examine our options much better. If I need some more clarifications, I will request your feedback again. I appreciate your kind assistance. Best regards,Nick

Nikolaos Milas · 12-11-2024

The remote devices physically are geographically distributed (over the whole country) metering stations (of various types) with mobile network (4G) connectivity via a SIM card. They are assigned a private IP on a dedicated private subnet (10.254.90.0...

Member Since	‎08-01-2013 04:46 AM
Date Last Visited	‎11-21-2025 09:48 AM
Posts	77
Total Helpful Votes Received	8

User Statistics

User Activity

FPR 2130: Troubleshooting ASP Drops

Is it acceptable to split an FTD Pair (Active - Standby)?

How to Configure NAT for devices over P2P VPN

Advertise a subnet without an interface over OSPF on FTD

AIR-AP1832I-E-K9 compatibility with Catalyst 9800-L

Re: FPR 2130: Troubleshooting ASP Drops

Re: Is it acceptable to split an FTD Pair (Active - Standby)?

Re: Is it acceptable to split an FTD Pair (Active - Standby)?

Re: Is it acceptable to split an FTD Pair (Active - Standby)?

Re: How to Configure NAT for devices over P2P VPN