can we directly downgrade ftd 4125 from 7.0.5 to 7.0.1.
Forum Posts
Resolved! FMC 4700 Cluster
1) Can we implement FMC in cluster? 2) Can we deploy FMC in Active/Active HA mode?
Resolved! Move a FTD H/A pair to a separate FMC
Hello, Today we manage 3 FTD H/A pairs with a single FMC. We now want to move one of the H/A pair and managed that it with a separate FMC. What is the best way to achieve this with minimal production impact? My plan was to the following steps Backup ...
I want to give an IP from the local network of the FTD device so that I can access Firepower through the interface. Firepower 1120 is connected to the switch. In the switch, the ports to which the firewall and the computer are connected are defined ...
We have a pair of ASAv in HA running on vmware. there was an issue with the primary so we flipped it over to secondary, but there was issues with the anyconnect clients connecting.The clients were connected but with no connectivity to local resources...
I searched for it and it seems that only FTD under FMC supports configuring facility code of remote syslog server.Any idea to do so? Thanks.
Hello.My task is to assess the status of Firepower technology on the existing ASAs. I can only use the CLI, not the ASDM.May you please answer below questions?...1. On an ASA 5525, using the CLI, how do I remotely verify if the SSD drive is physicall...
1. How can the FMC be configured so that managed devices will block files with cloud lookup disposition: Unavailable instead of letting the file go through while it's waiting for AMP Cloud connectivity to resume? 2. How does the firewall treat a file...
Does anyone have experience using FTD firewalls for micro-segmentation in an OT/ICS environment using IRB and BVI?Exist specific documentation for configuration of IRB and BVI in OT/ICS environment?regardsDavide Lorenzetti
The two FTD 4115 are configured in HA and are in similar network. In general they should have the same time to login. On one box it is the general time to login via ssh, but on the other it takes more than 70 sec to get a prompt.So far I have not see...
Hi team,I became totally confused after reading the TLS/SSL Decrypt-Resign Guidelines section (https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/decryption-rules.html...
Resolved! Cisco ASA OSPF ECMP
Hi There, Currently, I'm testing OSPF on the ASA firewall. Below is the topology I'm working on. Both areas 1 and 2 have been set up as a stubby area. On R5 I'm able to see the OSPF ECMP 0.0.0.0/0 routes towards R2 and R3. But on the other hand...
Hi, I'm on troubleshooting packet drop in Cisco ASA. When I ran the packet tracer, I find that the packet is drop: Phase: 11Type: ACCESS-LISTSubtype: filter-aaaResult: DROPConfig:Additional Information: Result:input-interface: insideinput-status: upi...
Hello, I have a Cisco ASA, HA - Active/Standby (ASA1 and ASA2) configuration:ASA1: Gigabit 0/0 (Management) - 192.168.1.110,ASA2: Gigabit 0/0 (Management) - 192.168.1.111.Is it possible to keep the Giga 0/0 management interface of the secondary ASA ...
Hello everyone,We have updated our FMC from v7.3.1.1 (build 19) to v7.3.1.1 (build 83), after the first deployment to our FDT-HA (both Firepower 2120) is on Active FDT double as much memory allocated to Inspection Engine (snort3), on the Passive this...
