I upgraded all my firewalls from 9.4 to 9.8(4)12. They are running in single context routed mode. I disabled the rest-api agent, as per the upgrade instructions, while doing the upgrade. After upgrading the OS, I upgraded the Rest API package to asa-restapi-7131-lfbff-k8.SPA. the file passes the verification check. Cisco Don't seem to have bothered to update any of the guide docs for this version
I have enabled the api again with no errors, but it does not work properly. I have two primary problems:
It no longer works with TACACS, where as it previously did. The TACACS server has the enable_1 user, as required. If I disable TACACS and only do local auth for http I can authenticate, but the API does not work properly. It doesn't seem to pass the username and password through correctly from the Rest API agent web server to the aaa process. The tacacs logs just show password incorrect. it definitely is not, as I log in to ssh with the same password.
Another example of weirdness: If I go to the https://firewall/doc/ I get a skeleton page with no information populated.
If I try and use the RESTClient addon for Firefox to get a page, even with the basic auth authentication set, I just get a response page asking for my credentials.
Hello All, i have two vm firepower as HA and they are working fine as HA the traffics going through fin but there is a red mark shows on the HA, can someone tell me what does that mean please? This only appears on the HA not in individual device...
This event had place on Thursday 23rd, January at 10hrs PDT
Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. H...
Securing What's Now and What's Next. With our annual global survey of 2,800 security leaders, we dove deep to compile key benchmark statistics. The 2020 CISO Benchmark Report provides valuable takeaways and data on the most pressing cybersecurity to...
I have 2 Firepower module (ASA 5525) with Malware and IPS licence. Recently i changed the Malware policy action set to "Block Malware" and "Reset Connection". How to log the event if my policy blocked any files? Please find the attached screen shot f...
Hi, We have ISE v2.4 installed in production for only 2 month now. we are integrating anyconnect for posturing on all end users machine. I want to get the report or statistics of all the machines on which anyconnect client is installed.