topic Re: SPI Enabled or not in FTD in Network Security

SPI Enabled or not in FTD

adity — Wed, 12 Jun 2024 10:55:50 GMT

SPI Enabled or not in FTD

My auditor ask the below points evidence, kindly check and pls help us

Provide screenshot to show stateful inspection enabled on external firewalls in scope.

Provide screenshot for anti-spoofing access list or similar settings on external firewall and/or router.

Re: SPI Enabled or not in FTD

ccieexpert — Wed, 12 Jun 2024 16:40:48 GMT

firewalls are by default stateful.. from cli "show conn" will show the stateful connection. as for anti-spoofing ..follow this: https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/interfaces_for_firepower_threat_defense.html#task_34BB9AC8E91946AB847C65FB79D67A5F

Re: SPI Enabled or not in FTD

adity — Thu, 13 Jun 2024 07:28:22 GMT

We are using the FMC-V setup, and not able to see the options which mentioned in the link

Re: SPI Enabled or not in FTD

Sheraz.Salim — Thu, 13 Jun 2024 08:40:10 GMT

You have to connect and ssh to your FTD managment port. once connected you need to give command "system support diagnostic-cli" once you in the lina you can issue command "show conn"

Here good documentation to start from.

Re: SPI Enabled or not in FTD

ccieexpert — Fri, 14 Jun 2024 05:32:48 GMT

what version of FMC ? it doesnt matter virtual or hardware similar options should exist.. also "
show conn" can be run from the FMC for a device .

You can also access the CLI tool through the health monitor for the device (System (

) > Health > Monitor). From there, you can select the device, click the View System and Troubleshoot Details link, click Advanced Troubleshooting, then click Threat Defense CLI on that page.