Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We enabled logging on a Firepower 4100 with ASA software but I would like to only log hits on inbound rules. Outbound rules are not interesting in my case because this traffic is logged on other firewalls. This way we receive close to 300GB of logs p...
According to Cisco best practice we enabled user authentication caching surrogates on our WSA's based on IP addresses. This doesn't work for user that browse the Internet from a Citrix or Direct Access session as multiple users are using the same IP ...
I did a fresh install of a WSA 100v, after linking it to the Smart licensing server and downloading the appropriate licenses it is impossible to run the setup wizard because there is no license file installed. The CLI "loadlicense" command asks for a...
When I try to upgrade or download the configuration on a WSA S100V running 11.5.2-020 I receive a Python error: lwsa100v> upgradeTraceback (most recent call last):File "/usr/build/iproot/ap/ipoe/ipoe/bootstrap.py", line 54, in <module>File "/data/lib...
I've got 4 AP's out of 7 that didn't join the controller. They get an IP address and should use option 43 to join as the other ones. show cdp neighbors learned me that they run a recovery image (AP3G2-RCVK9W8-M) but I am unable to log in using Cisco/...
For data traffic there is one routing table, but you can set for instance a route for RFC1918 adresses to the gateway of P1 and a default route to the gateway of P1.
If you want high availablity for the WSA you can use CARP for IP failover, another option is an external loadbalancer if you can live degraded capacity during a failure of one of the devices. You perform al your policy changes on your SMA. When you w...
As far as I know there is no HA option for the SMA, you will have to make a backup schedule and import this to the backup machine in case of a failure of the first node.
