Cisco Firewall in AWS - Should I use ASAv or FTDv/FMCv?

Hi all

I'm trying to set up a DMZ for my client in AWS. I've never done this before, hence the question. I intend to use ASAv as the Internet firewall, with FTDv/FMCv (Firepower Threat Defense Virtual and Firepower Management Center Virtual) for threat detection.

I was told that I could instead use just FTDv/FMCv rather than an ASAv, because it works as a firewall as well (next-generation firewall - NGFW).

Could someone please advise if this is indeed the case? If it is, is it a different skill set from the ASA (as a firewall)? I'm familiar enough with the ASA, but not with Firepower, and I have a few tight deadlines to meet on this project, so I was wondering whether Firepower as an NGFW is similar in configuration to an ASA as a firewall?

Also, when I take a look at the licensing/part numbers for the ASAv, I see terminology that says: 16-pack and 8-pack licenses. What does that mean? Does that mean I can use this one license for 16 or 8 ASAvs?

Thank you.

Riou

As of now, which one you choose depends on what features you need.

ASAv has almost all the features of the classic ASA appliance, i.e. it's a stateful firewall in a virtual appliance form factor.

FTDv/FMCv is an IPS solution (although 6.1, due out in the coming months, will step up its game (still short of feature parity) vis-à-vis what an ASA offers).

Indeed, ASAv licenses are offered only in multiples at the moment. The 16-pack and 8-pack are exactly that.

Tags: Cisco Security

Similar Questions

  • I'm trying to download the Media Feature Pack for Windows 7 N and it tells me to validate using GenuineCheck, but when I do, it says that I should download the most recent version; I use 64-bit Windows 7 N

    You must use 32-bit Internet Explorer.

  • What file size should I use for imported JPGs so that they are sized properly in Premiere Pro? When I import them at different sizes, they are large or small

    In the preferences, select scale to frame size and then any media imported after the modification will be automatically resized to fit your sequence.

    Thank you

    The f

  • What username and password should I use

    What username and password should I use to open Adobe Flash Player on my Mac?

    Hi wallaceh43208042,

    Please check what userid & password I need to install Flash Player?

    Thank you

    Eswar.

  • My plug-ins are set up in PS CC, not PS CC2014, and the external editor for LRCC should be changed to PS CC to use my plug-ins. How can I change the external editor to PS CC instead of PS CC2014?

    Hi Alik!

    Lightroom sets the latest version of Photoshop as external editor by default. However, you can set the CC Photoshop as an additional external editor in the preferences.

    You can then call it with a keyboard shortcut or via the menu.

  • SRP541W Inter-VLAN Cisco firewall

    Hello

    Are there any known dates for when firewalling between the internal VLANs will be supported in the SRP541W firmware? The current 1.2.5 version provides just very basic and poor settings for firewall rules.

    Kind regards

    Lars

    Hello

    Please use our forum

    Hi larsgrenz, my name is Johnnatan and I'm part of the Small Business Support Community. I saw your post and found a document that could help you; you can look at page 100 in the firewall section

    http://www.Cisco.com/en/us/docs/voice_ip_comm/unified_communications/srp540_series/administration/srp500_AG_2567701.PDF

    I hope that you will find this answer useful. If it was satisfactory to you, please mark the question as answered. Please rate the posts you consider useful.

    Greetings,

    Johnnatan Rodriguez Miranda.

    Cisco Network Support Engineer.

  • Cisco NAC Discovery Host field use with L3 OOB and L2 OOB

    Hi all

    We are in the project initiation phase of a huge Cisco NAC deployment.

    The customer has 8 regional offices, which will be deployed in L2 OOB mode with their own NAC servers.

    The customer also has 25 small offices, which will be deployed in L3 OOB mode (using access control lists) with two central NAC servers.

    The NAC Agent will be deployed centrally through Microsoft Windows domain services to each computer in the domain. However, users could occasionally move from a small office to a regional office.

    I was wondering how we should use the Discovery Host field in the Agent's XML?

    My opinion is to set the Discovery Host to the IP address of the central NAC servers. This setting will be used when the user is in a small office, and when the user is in a regional office, the NAC server in L2 OOB mode will already intercept the user's traffic, so the IP address in the Discovery Host field won't matter in this case?

    Am I wrong?
    Any help much appreciated.

    Dumlu

    Hi Dumlu,

    If your concern relates to L2 users, then this will work regardless of the configured Discovery Host address.

    This is because the Agent will try the configured Discovery Host address in addition to the default gateway address.

    In L2, the NAC server is between the host and the default gateway, so the L2 discovery process will still work.

    Consider that for L3 users, the discovery packet sent to the Discovery Host address just needs to reach the NAC server, no matter whether the agent can actually reach this address; the point is to ensure that the NAC server receives this packet so that it can respond with the NAC server's specific info.

    I hope that answers your question.

    Kind regards

    Federico

    --

    If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.

  • HP15 ab029tx: Windows 10 update problems; should I return to Windows 8.1 using recovery and come back later

    My HP 15-ab029tx laptop came pre-installed with Win 8.1. I've recently upgraded to Win 10. However, after upgrading, I found the following issues. I installed the latest version of the BIOS and all drivers are up to date from the HP site.

    The problems are:

    1. Edge browser flickers. Sometimes I use Chrome, so OK.

    2. Battery life is down by 2 hours from before; it's now around 3:00.

    3. Laptop gets very hot. I found CoolSense does not. There is no TDP setting in the power profile. The TDP setting was present in Windows 8.1. Event Viewer is full of errors from HP Active Health, Intel DPTF, etc.

    Intel DPTF error

    Intel(R) Dynamic Platform and Thermal Framework: Requested (8.1.10600.150) TYPE: ERROR

    DPTF Build Version: 8.1.10600.150

    DPTF Build Date: June 26, 2015 11:46:12

    Source file:...... \.. \.. \Sources\Policies\PolicyLib\PolicyBase.cpp @ line 693

    Function: PolicyBase::releaseControlofOsc

    Message: Impossible to release the OSC: failure when executing _OSC:

    DPTF Build Version: 8.1.10600.150

    DPTF Build Date: June 26, 2015 11:46:12

    Source file:...... \.. \Sources\Manager\EsifServices.cpp @ line 473

    Function: EsifServices::primitiveExecuteSet

    Message: Error returned by the ESIF services interface function call

    Participant: NoParticipant

    Domain: NoDomain

    ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]

    ESIF Instance: 255

    ESIF return code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

     

    Policy: Policy critical [0]

    HP Active Health errors

    COM exception running a command GET Casl EmbeddedController.AuditLog.JSON = return value from the BIOS, which indicates a value of invalid command. : one or more arguments are invalid (Exception from HRESULT: 0x80000003)

    4. Fonts in several applications are blurred. I use the recommended 125% scaling as it is a 1080p screen. All Intel & NVIDIA graphics drivers are the most recent.

    5. After sleep/standby, wireless works irregularly unless I turn it on/off manually, & special keys on the keyboard do not work until I restart.

    6. The laptop seems sluggish overall (though performance tests indicate otherwise). Apps take longer to open.

    So should I go back to Win 8.1 using recovery and wait until later, say 1 year, when all BIOS and driver problems are sorted?

    My main problems are the short battery life and the laptop heating up.

    Regards

    That's what I'd do - return to Win8.1.

    I have an HP Dv6 laptop running Win7, and the upgrade to Win10 has been a total disaster.  I restored Win7 using HP recovery media.  I'd rather have an older OS where everything works than a new operating system where things do NOT work.

    As for waiting a year, the FREE upgrade expires at the end of August 2016 - so after that, if you still want to upgrade, you will need to purchase a license - and, unlike with previous versions of the OS, MS has said nothing about the price of an upgrade license, or even whether such a license will be available then.

  • What type of DVD should I use

    I have a problem getting my new LG GE24 Super Multi DVD rewriter to work correctly. Now I have movies I want to download and watch on my DVD player. I use Memorex DVD+R 16X 4.7 GB 120 min discs. Should I use another brand, because these only play on my computer via Windows Media Player? Am I recording in the wrong format, or is this something else? Anyone know the answer to my problem?

    Try this link to get answers. http://Windows.Microsoft.com/en-us/Windows7/Windows-Media-Player-DRM-frequently-asked-questions

    Even if its windows 7, it applies to xp...

  • What type of disc should I use to copy pictures to a disc?

    Original title: what type of disc should I use to copy pictures on a disc. I tried Memorex CD-R 40x and also CD-R 52x, and they do not work

    copy pictures to a disc

    Hi stv2741,

    1. Are you using any DVD burning software?

    You can use any type of recordable disc to burn images. You can check the following links for more information:

    Burn a CD or DVD

    http://Windows.Microsoft.com/en-us/Windows-Vista/burn-a-CD-or-DVD

    Burn pictures or videos to a CD or DVD

    http://Windows.Microsoft.com/en-us/Windows-Vista/burn-pictures-or-videos-to-a-CD-or-DVD

    Burn a CD or DVD in Windows Media Player

    http://Windows.Microsoft.com/en-us/Windows-Vista/burn-a-CD-or-DVD-in-Windows-Media-Player

    Hope this information is useful.

    Jeremy K
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

    If this post helps solve your problem, please click 'Mark as answer' or 'Useful' at the top of this message. By marking a post as answer, or as useful, you help others find the answer more quickly.

  • Windows Firewall does not use recommended settings

    Windows Firewall service is not running: does not use recommended settings

    Please specify:
    > windows firewall service is not running
    > does not use recommended settings

    Is it running or NOT?
    Which of the above is the problem?

    RE: windows firewall service is not running

    Start button > in the search box, type services > press the Enter key > scroll down to Windows Firewall and click on it...
    under the Status column, it should say... Started
    under the Startup Type column, it should say... Automatic

    If it does not say that, right click on Windows Firewall > click Properties > make the changes.

    RE: does not use recommended settings

    Start button > in the search box, type windows firewall > look up at the top on the left, click on Windows Firewall > click on change settings > put a blue radio dot on the (recommended) level > OK

    For the benefit of others looking for answers, please mark a suggestion as answer if it solves your problem.

  • Fibre channel host bus adapters should be removed if not in use?

    We have a Dell PowerEdge R720 server that has an orphaned QLogic host bus adapter in it. The light on the HBA flashes yellow, green and orange. I wonder if this orphaned adapter could be using system resources and if it should be removed.

    Kimblbob,

    Even though the HBA is not being used, it will use resources. Granted, it's a very tiny amount, but it does use them. When the card is installed, it will draw power, and the host server will spend processes sending "heartbeat" communications to the card to check that it is ready for use... Thus, while it is a VERY small amount, it does use them.

    I see no problem with you removing it during a maintenance window.

    Hope this helps to answer your question.

  • Cannot connect Cisco 2621 to AWS EC2 Openswan vpn site to site

    Hello, I'm setting up a site-to-site VPN between my Cisco 2621 router and an Amazon EC2 instance running Openswan.
    I get the following message on the Openswan server: 'NO_PROPOSAL_CHOSEN'.
    My Cisco 2621 router config and Openswan config are displayed below. I know I'm missing something small, but can't
    understand what it is :-) Any help would be appreciated.

    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: STATE_MAIN_I3: sent MI3, expecting MR3
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: protocol/port in Phase 1 ID Payload is 17/0. accepted with port_floating NAT-T
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.1.253'
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=oakley_3des_cbc_192 integ=md5 group=MODP1536}
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW {using isakmp#1 msgid:17d23abf proposal=defaults pfsgroup=OAKLEY_GROUP_MODP1536}
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=160
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: ISAKMP Notification Payload
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]:   00 00 00 a0 0e 00 00 00 01 03 04 00
    Apr 16 20:05:55 ip-172-31-1-142.us-west-2.compute.internal pluto[28503]: "paulaga-home" #1: received and ignored informational message

    The layout looks like this:
    192.168.0.0/24:FA0/1[router]FA0/0 192.168.1.253 - 192.168.1.254 [Modem] 64.231.25.93 (public IP assigned to my modem)

    Cisco 2621 router configuration:

    Current configuration : 2649 bytes
    !
    version 12.3
    no parser cache
    no service timestamps debug uptime
    no service timestamps log uptime
    service password-encryption
    !
    hostname cisco2600
    !
    boot-start-marker
    boot system flash c2600-ik9o3s3-mz.123-26.bin
    boot-end-marker
    !
    logging buffered 10000 debugging
    no logging monitor
    !
    no aaa new-model
    ip subnet-zero
    ip cef
    !
    !
    ip name-server 192.168.0.10
    !
    ip audit po max-events 100
    !

    username admin privilege 15 password 7 01100F175804
    !

    crypto isakmp policy 10
     encr 3des
     hash md5
     authentication pre-share
     group 5
    crypto isakmp key mysecretkey address 52.39.49.77
    !
    crypto ipsec security-association lifetime seconds 28800
    !
    crypto ipsec transform-set AMAZON-TRANSFORM-SET esp-3des esp-md5-hmac

    !
    crypto map INTERNET-CRYPTO 11 ipsec-isakmp
     ! Incomplete
     description Amazon EC2 instance
     set peer 52.39.49.77
     set transform-set AMAZON-TRANSFORM-SET
     match address 111
    !
    !
    !
    !
    interface FastEthernet0/0
     description Connection to the Bell Modem
     ip address 192.168.1.253 255.255.255.0
     ip nat outside
     duplex auto
     speed auto
     crypto map CRYPTO-INTERNET
    !
    interface Serial0/0
     no ip address
    !
    interface FastEthernet0/1
     description Connection to the local network
     ip address 192.168.0.254 255.255.255.0
     ip helper-address 192.168.0.10
     ip nat inside
     duplex auto
     speed auto
     no cdp enable
    !
    interface FastEthernet0/1.2
     description Service Vlan
     encapsulation dot1Q 2
     ip address 10.0.0.254 255.0.0.0
     ip helper-address 192.168.0.10
     ip nat inside
    !
    ip nat inside source list ACL-NAT interface FastEthernet0/0 overload
    ip nat inside source static tcp 192.168.0.47 3389 interface FastEthernet0/0 3389
    ip http server
    ip http authentication local
    no ip http secure-server
    no ip classless
    ip route 0.0.0.0 0.0.0.0 192.168.1.254
    !
    !
    !
    !
    ip access-list extended ACL-NAT
     permit ip any any
     permit tcp any any
     permit udp any any
    logging trap debugging
    logging facility syslog
    logging 192.168.0.47
    access-list 111 permit ip 192.168.0.0 0.0.0.255 172.31.1.0 0.0.0.255
    !
    !
    !
    dial-peer cor custom
    !
    !
    !
    line con 0
     password 7 05080F1C2243
     login
    line aux 0
    line vty 0 4
     privilege level 15
     login local
     transport input telnet
     transport output telnet
    line vty 5 15
     privilege level 15
     login local
     transport input telnet
     transport output telnet
    !
    !
    end

    Openswan configuration:

    file paulaga.secrets:

    64.231.25.93 192.168.1.253 52.39.49.77: PSK "mysecretkey"

    file paulaga.conf:

    conn paulaga-home
        left=%defaultroute
        leftsubnet=172.31.0.0/16   # My EC2 subnet
        leftid=52.39.49.77         # My EC2 public ip
        right=64.231.25.93         # My home modem public ip
        rightid=192.168.1.253      # My home Cisco 2621 router outside interface ip
        rightsubnet=192.168.0.0/24 # My home Cisco 2621 LAN
        authby=secret
        pfs=yes
        auto=start

    Hello

    Since we are getting the error NO_PROPOSAL_CHOSEN, could you please add the following policies on the router and then check:

    crypto isakmp policy 10
     encr 3des
     hash md5
     authentication pre-share
     group 5

    crypto isakmp policy 20
     encr 3des
     hash md5
     authentication pre-share
     group 2

    crypto isakmp policy 30
     encr 3des
     hash sha
     authentication pre-share
     group 2

    crypto isakmp policy 40
     encr aes
     hash md5
     authentication pre-share
     group 2

    Please test with these and keep us informed of the results.

    Kind regards

    Aditya

    Please rate the helpful posts and mark the correct answers.
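
Added example (not part of the thread and not the posters' code): the log in the question shows the ISAKMP SA established before NO_PROPOSAL_CHOSEN arrives during Quick Mode, so this Python script compares the Phase 2 settings of the two ends and lists where they differ. The config excerpts are constructed from the values posted in the question; the function names are hypothetical, and an Openswan `pfs` default of yes is assumed.

```python
import ipaddress
import re

# Constructed input: the Phase 2 lines of both configs, using the thread's values.
IOS_CFG = """\
crypto ipsec transform-set AMAZON-TRANSFORM-SET esp-3des esp-md5-hmac
crypto map INTERNET-CRYPTO 11 ipsec-isakmp
 set peer 52.39.49.77
 set transform-set AMAZON-TRANSFORM-SET
 match address 111
access-list 111 permit ip 192.168.0.0 0.0.0.255 172.31.1.0 0.0.0.255
"""
OPENSWAN_CFG = """\
conn paulaga-home
    leftsubnet=172.31.0.0/16
    rightsubnet=192.168.0.0/24
    pfs=yes
"""


def wildcard_net(addr, wildcard):
    """Convert an IOS address and wildcard mask into an ip_network."""
    netmask = ipaddress.IPv4Address(int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{addr}/{netmask}")


def ios_phase2(cfg):
    """Return (local net, remote net, PFS group or None) from the crypto map."""
    acl = re.search(r"^\s*match address (\S+)", cfg, re.M).group(1)
    # Handles the "permit ip <net> <wildcard> <net> <wildcard>" form only.
    ace = re.search(
        rf"^access-list {re.escape(acl)} permit ip (\S+) (\S+) (\S+) (\S+)", cfg, re.M)
    pfs = re.search(r"^\s*set pfs (\S+)", cfg, re.M)
    return (wildcard_net(ace[1], ace[2]), wildcard_net(ace[3], ace[4]),
            pfs.group(1) if pfs else None)


def openswan_phase2(cfg):
    """Return (leftsubnet, rightsubnet, pfs enabled) from the conn section."""
    opts = dict(re.findall(r"^\s*(\w+)\s*=\s*(\S+)", cfg, re.M))
    # Assumption: pfs defaults to yes when the option is absent.
    return (ipaddress.ip_network(opts["leftsubnet"]),
            ipaddress.ip_network(opts["rightsubnet"]),
            opts.get("pfs", "yes") == "yes")


def phase2_mismatches(ios_cfg, swan_cfg):
    """List the Phase 2 settings on which the two ends disagree."""
    ios_local, ios_remote, ios_pfs = ios_phase2(ios_cfg)
    swan_left, swan_right, swan_pfs = openswan_phase2(swan_cfg)
    issues = []
    # Openswan "left" is the EC2 end, which is the router's remote network.
    if swan_left != ios_remote:
        issues.append(f"EC2 subnet: leftsubnet {swan_left} vs ACL destination {ios_remote}")
    if swan_right != ios_local:
        issues.append(f"Home subnet: rightsubnet {swan_right} vs ACL source {ios_local}")
    if swan_pfs != (ios_pfs is not None):
        issues.append(f"PFS: openswan pfs={'yes' if swan_pfs else 'no'} vs IOS set pfs {ios_pfs}")
    return issues


if __name__ == "__main__":
    for issue in phase2_mismatches(IOS_CFG, OPENSWAN_CFG):
        print("MISMATCH", issue)
```
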

  • Cisco CSR 1000v - AWS

    I am configuring the Cisco CSR 1000v in my VPC for L2L VPN connectivity. Can someone point me to the config docs? How can I configure the Elastic IP on the interface? It would be great if you could direct me to the documentation for L2L VPN between Cisco CSR 1000v (AWS) and Cisco ASA 5510.

    I have several subnets in my AWS VPC. I want this CSR to be the gateway for the subnets and want to configure L2L VPN tunnels with ASAs to other domain controllers.

    Appreciate your help

    -Aneesh

    I'm in the first phase of trials. I work one way... Will post the details soon...

  • Cisco ISE active endpoint usage reset

    Hello

    I have a Cisco ISE running version 1.1, and I was wondering if it would be possible to reset the active endpoint/license usage shown on the dashboard? I noticed this after a restore of the ISE due to a hardware replacement: the active endpoint/license usage count doesn't seem to go down.

    The following methods have been tried, but without success:

    1. Reboot the ISE server/service

    2. Turn off all devices in the network that use the ISE so that there is no client/device access; for example switch/WLC/etc...

    3. Remove all endpoints in use from the identity group/identities

    4. Disable profiling on the ISE

    The ISE has been installed with a base license; not too sure if it can be either a bad restore (all services/applications work, however) / bad RADIUS accounting which has not expired on the ISE / etc...

    Any help is appreciated on how to reset the active endpoint/license usage.

    Thank you.

    Here is a method to remove outdated records. Please try this:

    http://www.Cisco.com/en/us/docs/security/ISE/1.1/api_ref_guide/ise_api_ref_ch2.html#wp1072950

    Thank you

    Tarik Admani
    * Please rate the useful posts *.
