About dcanady55

dcanady55 · 04-29-2025

Hello,FTD's 2110 running 7.4.2.1 in HA. and ultimately trying to setup a site-to-site vpn between this FTD pair and anther FTD pair at our other datacenter. However, right now I'm just trying to route plain old internet traffic out of my second outsi...

dcanady55 · 03-14-2025

Hello,FTD's 2110 running 7.4.2. Under intrusion events dashboard some of my top attackers are my DC's that run DHCP and DNS. I'm trying to understand why Cisco is classifying what looks like normal DNS traffic as a port scan saying the client was usi...

dcanady55 · 03-10-2025

Hello,We have a pair of 2110 FTDs running version 7.4.2.1 in HA mode, currently connected to a dedicated fiber internet connection at datacenter A. I'm considering adding a cheaper secondary internet connection to set up a site-to-site VPN between da...

dcanady55 · 01-16-2025

Hello,Currently have 2110s running 7.4.2 and I've been playing around with EVE which brought me to the conversation about QUIC. I wanted to get a feel for what others are doing with QUIC and if most are allowing this or blocking it all together.Thank...

dcanady55 · 01-02-2025

Hello,We are currently using Cisco 2110s, and it appears that Cisco still does not allow us to remediate elephant flows in the advanced section. The only way to reduce the impact seems to be by setting up a trust rule for specific traffic. Upon analy...

dcanady55 · 04-29-2025

@Rob Ingram thanks for the response and will try the PBR. I'm not following the NAT example in the article but will play around with it and see what I can come up with. I eventually will need the FTD to track the main route out to the Internet and if...

dcanady55 · 03-12-2025

Thanks for the response, Balaji.

dcanady55 · 01-03-2025

Hello,Running 7.4.2.1 on 2110.I don't have any thresholds setup for elephant flows because that feature is not available for 2110s. I thought Trust does not use snort as that's what the guide says.

dcanady55 · 12-31-2024

Thanks for the additional information! I was able to simulate the traffic and confirmed it was being blocked. Initially, I was looking for Syslog ID 430003, but it turns out the logs were under 430002.Why wouldn’t packet tracer show that this would b...

dcanady55 · 12-31-2024

Hey Rob,Thanks for the additional information! I was able to simulate the traffic and confirmed it was being blocked. Initially, I was looking for Syslog ID 430003, but it turns out the logs were under 430002.Why wouldn’t packet tracer show that this...

Member Since	‎10-10-2013 06:13 AM
Date Last Visited	‎05-05-2025 07:04 AM
Posts	220
Total Helpful Votes Received	51

User Statistics

User Activity

FTD with multiple Outside Interfaces

Client using an unusual port

Backup Internet Design Using FTDs

QUIC Usage

Microsoft Teams Call ACP Question

Re: FTD with multiple Outside Interfaces

Re: Backup Internet Design Using FTDs

Re: Microsoft Teams Call ACP Question

Re: FTD Geolocation Question

Re: FTD Geolocation Question