Network Security

Resolved! Firepower Management Centre 2000 licensing question on Max number of Firepower SFR modules

We have Firepower Management Centre 2000 appliances (Cisco part number: FS2000-K9) which manage Firepower SFR software modules which exist on Cisco ASA 5500-X series appliances. In terms of licencing: We are using Classic licencing (rather than Sma...

Flex-Config PBR in FTD

Hi, Just needing a clarification about PBR, I will be having 4 interfaces. 1 going to MPLS, another going inside and the last 2 interfaces will be going ISP1 and ISP2. I will be using ACL as my match clause however, I am having 2nd thoughts how to d...

High Transmit Percent Utilization

Hi all, I am kinda new to Cisco ASA... and i have just recieved an alert from the monitoring team saying that there's an alert reading "High Transmit Percent Utilization>80% - on Adaptive Security Appliance 'outside' interface · Outside . So can so...

Resolved! Cisco ASA 5525-X Active-Active Image Upgrade

hi, it's my first time to do active/active code upgrade on a 5525-X pair (no FP module). i usually upgrade an active-standby FW pair. could someone advise their personal experience? is it the same upgrade procedure on a active-standby FW pair? any co...

No translation group found for icmp src

Hello all, I'm setting up a second public IP block for a different DMZ server. When I ping the Nated IP (31.80.169.227) from outside I'm getting the log "No translation group found for icmp src.." on my firewall. Any ideas on how to fix this will b...

Cisco ASA Log classification

Hello everybody!. Is there a site where I can obtain a classification for the different logs? Depending on the event ID, I would like to know if a given log falls into a classification, such as: Attack, Denial of Service, Malware, Failed Attack, etc....

ASA 5516-X with FirePower - no traffic pass

Hello! In my company, we have a Fortigate Firewall and we acquired a Cisco ASA 5516-X With FirePower to substitui the Fortigate I configured the ASA with de same conigurations of the Fortigate, but, when I changed the IP address of the Inside inter...

Resolved! URL Filtering with TLS 1.3

With forward secrecy in TLS 1.3, how is the FMC/FTD going to handle TLS 1.3 specifically with URL filtering? This is just around the corner, so I was wondering if there were any work-arounds as the FTD will not be able to pull the certificate from t...

NGIPSv Performance

Hi people! Has somebody information about the performace of the NGIPSv under VMWARE??? What are the sizing guidelines?Thanks!

Configure OSPF on BVI interface of ASA 5508-X

Hi, I have two ASA 5508-X, I configure BVI interface on each ASA and assign port 6,7,8 to that BVI. Can I configure OSPF to form neighbor between these 2 ASA via this BVI interface?

Firepower 2110 ASA code

Hi, I re-imaged our Firepower from FTD to ASA successfully. What is the command to configure the firepower to point to the firesight management center so it can be managed. I can use the connect asa command to access the ASA, but not quite sure how...

Resolved! ASA 5506-X firepower not working.

Hi Guys, I am facing of my ASA 5506-X firepower was not working , had try to follow cisco datasheet setup accordingly but problem still persists. Please help... Card Type: FirePOWER Services Software ModuleModel: ASA5506Hardware version: N/ASe...

Bulk addition of nodes into Firepower FMC

Greetings, I found a post that talked about using the host input API (https://www.cisco.com/c/en/us/td/docs/security/firepower/60/api/host-input/HostInputAPIGuide.html) but has anyone actually used this and can share the format of the input file(ap...

Fmc remote vpn

Dear all, I have virtual fmc with 2120 ftd ver 6.2.3 with maleware and thread license. I want to configure ssl any connect remote access vpn to have 50 users concurrent users. Do o have to purchase AnyConnect Apex license??? taking into consideration...

ASA5515 - %ASA-4-434002: SFR requested to drop TCP packet from ...

I am looking at the ASA syslog for my website IP. I found lots of logs like this happened at exact same time and second and date (for different port, eg. 33670, 336578), appeared 31x and then 2 mins later, appear 31x again. %ASA-4-434002: SFR requ...

Network Security

Forum Posts

Resolved! Firepower Management Centre 2000 licensing question on Max number of Firepower SFR modules

Flex-Config PBR in FTD

High Transmit Percent Utilization

Resolved! Cisco ASA 5525-X Active-Active Image Upgrade

No translation group found for icmp src

Cisco ASA Log classification

ASA 5516-X with FirePower - no traffic pass

Resolved! URL Filtering with TLS 1.3

NGIPSv Performance

Configure OSPF on BVI interface of ASA 5508-X

Firepower 2110 ASA code

Resolved! ASA 5506-X firepower not working.

Bulk addition of nodes into Firepower FMC

Fmc remote vpn

ASA5515 - %ASA-4-434002: SFR requested to drop TCP packet from ...

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?