Hi, I'm looking at deploying BGP on an FTD Active/Standby HA pair (FTDs are 4215 hardware running 7.2) to enable routes to be controlled by neighbouring routers rather than relying on 100s of static routes on the FTDs. I was wondering if anyone could...
Forum Posts
Hello, we recently had our cert for our VPN expire without notification via alert message. I've done some research in the FMC but can't find anything that monitors certificate expiration dates. A google search points toward REST API's of course but t...
Is it possible to run Radius with Cert and Radius only on the same interface. I have different profiles for the two. but they share the same tcp port. Need to do a POC, and it would be much easier to have user login with just Radius, not Radius and c...
Resolved! connetion events in FMC
Hi Dears,in our company we have FMC\FTD but the logs (connection event) were saved for almost 1 week back only.i have been checked the limitation as the below tableConnection eventsSecurity Intelligence events50 million (FMC Virtual, FMC750) 100 mill...
HiHow do we configure AAA for the FTD in chassis mode managed via FMC?I can't seem to find any information on this? The FXOS cli doesn't appear to permit you to make any changes.But i don't see anywhere to create a Chassis AAA policy. AAA for the Ins...
object network obj-10.40.40.1 nat (inside,switch) static 172.10.10.5 What does the above NAT mean? what is the original source, original destination and the translated source?
FP has routed sub-interfaces as shown in diagram. HostA is able to ping HostB, and vice-versa. FP Vlan20 responds to ping request from HostA. FP Vlan30 responds to ping request from HostB. All works with the following exception, FP Vlan30 does not re...
HelloWe have a Firepower 1120 device. With IPS is it possible to monitor file copying over Windows RDP?If so, can it correlate the user session to what files are copied?Thanks
Hello,Starting from the last three weeks these IP Addresses are attempting to VPN into our network. In the ISE LiveLogs we can see that there are multiple attempts from these ip addresses. These IP addresses were added to the prefilter block rule on ...
Hello,I've bee trying for a while to get my FMC to talk to remote storage so I can place my backups and reports there. For some reason my FMC refuses to talk to any remote storage device I have. NFS, SMB (haven't tried SSH), neither work. I keep get...
Hi all, We have an FMC virtual 300 that was built by mistake by our client. This is fully functional but we need to renew the license. During the licence renewal, we realised that the FMC should have been built as a standard FMC virtual and not an FM...
Hi team,were working on one use of cisco ASAv firewall on catalyst 9300 switch but while choosing the model for licensing didn't understand b/w ASAc5 (L-ASA-C-5S-K9=) and ASAv5 (L-ASA-V-5S-K9=) and please find thee attached link wich we're following....
Hi,Our Cisco ASA running on Firepower 2120 hardware are being targeted by botnet DDoS doing random unauthorized login attempts originating from TOR network exit points or infected webservers and devices all over the world. The syslog is flooded with:...
Resolved! FMC is not updating LSP
Good day everybodyOur FMC is 7.0.1 and Geo , VDB and SRU updates are received automatically and everything is fine.Except LSP which is not update automatically.Is there anything I should do?Thanks in advance
hello all ,recently i tried to configure VPN site to site with certificate authentication type, i got the certificate signed by a third party autority , and when i did the debugs i got this log :CRYPTO_PKI: bitValue of KEY_USAGE = a0PKI[7]: CRYPTO_PK...
