Due to the Semiannual Security Advisory released yesterday we are testing upgrading to 7.4.2.1 from 7.4.2. We've run into a problem that the upgrade is throwing errors that expired certificates "exist" The DefaultWebserverCertificate was replaced by...
Our organization's Cisco FTD is blocking JW Player, saying it's categorized as "very high risk". I can find nothing on the Internet about JW Player being considered high risk. I don't want to unblock it if the FTD is blocking it for good reason, but ...
Greetings, Kindly advise if FDM is enough for IPS configuration for FTD3110-HA-Bundle as DMZ firewall.
We need unique identifier as part of our rule naming convention. as you know the fmc uses "New-Rule-#5-ALLOW" if it is an allow rule.my suggestion was to use thezone/interface as part of the name, followed by a number, permit/deny, then descriptionin...
Hello,I want to migrate from physical FTD to a FTD virtual, i have just found out that the virtual FTD has some limitation regarding the number of sub-interfaces and interfaces that can be created. But on a test environment i was able to create more...
We are designing a network for a public healthcare customer that needs to support about 3,000+ users. It's a big building with 13 floors.To keep it simple we proposed C9500 on the distro/core (collapsed core) and C9400 on the access layer. Keeping al...
SSL Labs reports that the certificate chain is incomplete. I'm looking into this for a client and am unsure what the issue is. I can see the cert on the ASA, and SSL is bound to the cert. Any insight on how/if this can be repaired?Many thanks in adva...
Apply a patch on ASA (5500) to move from version 9.18.4.22 to 9.18.4.55I am not sure that first fixed security advisories include the impact related to Ipsec vpn in Critical,High,Medium?thanks.
Is there any key to stop show conn detail output on ftd?
hi all,when I'm trying to check for updates from ASDM on ASA 9.13(1)10 (i'm using cisco firepower 1140 appliance) I am asked to enter username and password for Cisco.com (see picture attached). Does anybody know what credentials have to be entered? P...
Good day team!struggling for 3 days...reading a lot of forums didn't help me...I have a problem. Fresh install ASAv 9.20 and Anyconnect client 4.10 (the last one)everything work fine, exept of DART and GINAI've made config. But no luck. I see that cl...
In my setup, I have 10 VLANs that all need internet access. The issue I encountered is that only one VLAN is able to reach the internet using its next hop to the firewall. I tried configuring 10 separate default routes for each VLANs, but while I was...
Can see packets on sub ints as expect FTD is reporting an error as no packets on physical how to turn this off?
Hi all,I have two network object groups as follows:inside_group_A with hosts ranging from 172.16.10.10 to 172.16.10.15 (configured with Static NAT for services such as Mail and Web).inside_group_B with hosts ranging from 172.16.10.20 to 172.16.10.30 ...
Morning,I am having an issue with our Fastpath rules, hoping for some advice:I have added our scanning IP ranges in to Network Objects and then created a prefilter policy to fastpath traffic from or to these addresses.I'm unsure why but we are still ...
