Is a Cisco firewall capable of microsegmentation? Can it handle east-west traffic and monitor traffic within the same VLAN?
Forum Posts
Hi All,I am facing an issue with a Firepower NGFW 1120 connected to a PPPOE Connection. Some websites are loading very slow, for example office.com. The PPPOE connection has an MTU set to 1492 on vlan id 6. It looks like packets are not fragmented ri...
Hi, Is there a way to extract a list of all devices and there serial numbers from FMC? We are using FireSight 5.4 version of software. Thanks, Dan
Good morning everyone,I noticed that on my CSF 1210 CE FTD, using the Firewall Device Manager, Monitoring - Event viewer section,events are received and displayed only if the page is open.It is not possible to view events that occurred when I am not ...
Hello,Can someone please tell me why I am unable to make changes to a text object and save it? I only see the close option as pictured when I should be seeing save and cancel as the options.Thank you in advance.
Hello, I can not find an answer to this anywhere online. It would seem self-explanatory, but apparently it's not. What encompasses the "Snort - Denied Flows" that can be seen for the FTD in FMC's Health Monitor? The numbers I am seeing in the "Snort ...
The work around we were able to leverage was instead of using the NAS-IP-Address in the Radius policy set we used the Device-Access-IP-address which is still part of the Access-Request packet. We left the NAS-IP-Add and used the OR statement. Once t...
Hi,We have an ASAv in Azure, its a single firewall with no load-balancers.Is it possible to add a second public IP address to the ASAv, is it just a matter of adding a new private to public ipconfig setting? do i need to do anything on the ASA such a...
We have Cisco FTD 2110s that are managed with FMC and we are trying to figure out how to block access to our remote access VPN by IP. We already have a geolocation block for Access Control in FMC. But, are we still not able to do geo-ip-based restric...
Resolved! SSH with X509v3 certificates
Hello,I am doing a little lab using SSHv2 with X509v3 certificate client authentication. I have a simple setup:* Windows PC with 2 SSH clients:- Putty with PuttyCAC for smartcard support- PragmaFortress SSH Client with smartcard support*C1121X-8PLTEP...
Is there a FMC API to get1) Realtime performance metrics for CPU/Memory/Disk. 2) Tunnel (VPN/Site-to-Site) performance metrics (e.g. latency, jitter, packet loss) managed on FTDs.Tried following APIs but no helpful to get intended output:/api/fmc_con...
Cisco experts,I am trying to close various ACAS scan results. Plugin 70658, SSH Server CBC Mode Cipher and I am asking what is the correct way to close this finding.The device I am working on is a Cisco Firepower 2130 with FTD. The software versio...
Our current ACAS scans are showing plugin 157288, TLS Version 1.1 Deprecated Protocol findings on Firepower 4120 and Firepower 4125 with FTD devices.The Firepower 4120 is running version 7.2.9,The Firepower 4125 is running version 7.4.2.2I am asking ...
Resolved! FPR‑4145 EOL/EOS ?
hellodo you know when is eol / eos for FPR‑4145?
Hello Everyone,I have recently used cisco firepower 1120 for one of our customer, without any additional licenses. So as per my undertanding all the firepower comes with base license as perpetual. So, I proceed it with basic configuration, which give...
