Hello Folks, We are using Prime Infrastructure 3.5 to create Zone Based Firewall policies to be managed on ISR 4451s. Attached are screenshots (screenshot 1 and 2) of the defined object groups and the policy from PI using these object groups: Whe...
Forum Posts
Hi, Currently got an issue whereby SCP and SFTP transfers are very slow over our WAN links. The links are 600Mbit with a RTT of approximately 10ms. Transferring on the LAN gives rates of approx 33Mbps but over the WAN we’re seeing 3Mbps. There is n...
We have several Site-to-Site VPN-Connections to our ASA 9.6.4. Is it possible to configure the ASA to operate as VPN responder only? Kind regards
Ihave configured ASA 5506x for WEBvpn with several plugins like RDP. When i launch the app, it gives error ""attempted to open a sandboxed jar <applet url here> as Trusted-Only"." I have latest version of java installed. Attached error message p...
So i have been playing around with a basic scenario of a linux ec2 vm on the inside subnet of the ASAv. A vpn to the VPC and a static route to my remote subnet (opposite side of the vpn). I have tried custom route tables, routes on the ec2 vm, and ro...
I am facing difficulty implementing access rule in ASASM. The rule does not catch traffic. If I permit ip any to any it allows the traffic I have attached the packet trace. The first rule below is my more specific rule. Also the items in two packet...
Hello, After migrating the firewall policy from an ASA to Firepower most of the objects in the rules were automatically grouped and named using the "DM_INLINE_NETWORK" or "DM_INLINE_SERVICE" naming convention. This difficult a lot the understanding...
If I want to configure ZBFW to inspect everything, I need to ip access-list extended everythingpermit ip any anyclass-map type inspect match-any everythingmatch access-group name everythingpolicy-map type inspect MYPMAPclass type inspect everything ...
I have been at this for a good long time and have read all the articles about management-access inside, tftp-server inside, or outside. I literally CANNOT download a new ASA image from tftp over a IPSEC vpn tunnel? What is the magic potion here?
I am working on setting up an ASA5520 to use the TRACK and SLA MONITOR function to support failover to a backup DSL link. The route injection is showing metric of 1 for the backup link when primary service is restored, even though static route shows...
I'm currently trying to migrate a small to medium size config from an ASA5512 to an FPR2110 and I've tried using the Cisco Migration tool but it requires a connection to an FMC. Is there another method to get this done aside from the tedious manual w...
I tried to integration the Rapid7 InsightVM with the Cisco FMC 6.3. I found some of the the forums that's tried to integrated it but it seem doesn't work. Does anyone have some the Rapid7_connetor.pl script that's can be integrated with the InsightVM...
I am stuck configuring my ASA 5505 in transparent mode. When I use the management subnet (inside1) I can reach the internet and all is well. When I am using inside2 (different subnet) I can't. From the console I can ping both subnets and the intern...
Resolved! FMC : Managed Device Backup list empty !
Hi, I'm using FMC to manage 6 FTD's 2100. When I want to backup their conf : I went to : System/tools/Backup/restore/+Managed device backup : But the list is empty and I can not add any FTD:( see screenshot please) Any help please ?
i am trying to configure External Authentication method using LDAP so i can login to virtual FMC using AD credentials but failed , i configured External Authentication method following below article but failed when trying to test user https://www.cis...
