Is there away to pull the object network name with both the host or subnet and nat configuration? Currently I am having to do a show run and copy the object with object-groups section along with the NAT sections, paste them into Sublime Text 3 and se...
During the VPN negotiation, does anyone know of a way to force a IKEV1 connection with a policy that has stronger encryption, say AES-256, DH Key 5, rather than reading top down and connecting on the first match, with may be 3DES, DH Key 2. I know...
Hi: FMC version: 6.2.2 FTD 2130 Has anyone ever seen this health global alert before please ? : Firepower Disk Usage:0 - Disk Drain of unprocessed events from Connection Events… As a result I don't have any eventlog in the FMC regards,
I'm trying to get some information on how to properly configure the Mgt ACL in ASDM/CLI for management access to the ASA. When I configure it to allow connections from my IP address and then attempt to SSH to it I get a "connection closed" and syslog...
How can we proof this statement to the clients These tests will verify that the infrastructure components, infrastructure services and business applications have sufficient security controls built in to ensure confidentiality, integrity and availab...
Picking at an old topic here. We have a PRTG installation for monitoring, but It can't handle all IPSec via SNMP. How do you monitor IPSec connections on ASA, and alert on them? Tools, scripts, anything... Best regards, Michael
Hello, I am configuring a new RA VPN Policy on FTD 6.2.3 software based on 2 x ASA 5500-X hardware. I have two ISP connection with SLA monitor for route tracking. At first I made the configuration for the Security Zone (include my two ISP) and...
Hello, To make real time detection more effective, how to find the Cisco device alert pattern for real time detection of attack? For example, SQL slammer worm, Cisco IDS will fire its related/specific signature. For any Trojan activity IDS will fire ...
Hi, I tried searching over the internet but I only saw FP2100 for password recovery. How I can do password recovery for ASA running in FTD? Thanks
I have users trying to access a host that is showing up in FMC events with "red" computer icon which means compromised. The action is allowed in the event log. I have also added this host to bypass the sfr and i still the client getting tcp resets to...
Hello, I want to create an active/standby failover set-up for an existing production multicontext FW. I do the usual failover configuration, replication ends, so far so good, but after 5 minutes the secondary/stanby unit gets stuck in the bulk sync...
Hi, hope I am posting in the right area... I have inherited the responsibility for this wiped CISCO 5515x after the company split up, etc ... I have managed to learn how to login, using Mac OSX, Terminal, etc and wipe and do a basic setup config.I h...
Does anybody know if its possible to use the public outside ip-address as translated nat address on an site 2 site tunnel? Translate all local ip-addresses to public ip, then tunnel the traffic via site2site tunnel to remote site. Or do one have ...
I've written a FMC REST API client module in Perl 5 which we use to cleanup access policies generated by the Cisco Firepower Migration Tool.It can be found at https://metacpan.org/pod/Net::Cisco::FMC::v1. It can be used from Perl 6 Raku as well using...
Hi,Internal users can access FTP server using it's public IP but external users can't access the same server using the same public IP. I have a nat statement as follow(LAN-Inside) to (AT&T) source static FTP-Server-Private A_12.218.61.83 dnswhere the...
