About DavidWhite6761

DavidWhite6761 · 10-16-2019

I am using a single global policy on an ASA HA pair acting as an inner Firewall. We have rules broken down into 'sections' for different solutions / systems. One rule allowed inbound DNS from DMZ to Internal DNS servers. This rule was disabled, pendi...

DavidWhite6761 · 07-02-2019

I am trying to establish a base policy on a FirePOWER deployment. I want to introduce ANTI-Spoofing of RFC1918 addresses and all other reserved IP addresses to block anything at the Firewall with such addresses in the source. I understand that revers...

DavidWhite6761 · 03-25-2022

For years CISCO had 'validated designs' to cover 'all' circumstances, but they have avoided this one completely (as far as I can tell) TBH I have been looking for 'proper / serious' recommendations on this from CISCO for some time, and do not think ...

DavidWhite6761 · 07-02-2019

Hi thanks for your response. I did look at this option, but the text states that it would bypass the policy which is not what I need. In effect I want to pass the pre-filter, but apply the policy to restrict specific services etc. I have not experime...

DavidWhite6761 · 07-02-2019

Thanks for the response.I would tend to agree about filtering up chain, but that is not an option for me at the moment.I wanted to try out the pre-filter with RFC 1918 and all the other reserved address space before I moved on to the FULL Bogon list....

Member Since	‎06-13-2019 05:16 AM
Date Last Visited	‎04-20-2022 12:20 AM
Posts	5

User Statistics

User Activity

CISCO ASA Global Policy - Rule ignored

FirePower pre-filter for Anti-Spoofing IP

Re: Implementing Office365 ACL with cisco devices

Re: FirePower pre-filter for Anti-Spoofing IP

Re: FirePower pre-filter for Anti-Spoofing IP