FMC by default provide multiple Access Control and Intrusion Prevention policies. Is there a way to view the content of the system provided access control policies?
Forum Posts
Hi, I am configuring a firepower 2110 following the cisco document. https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/ftd-fmc-2100-qsg.html FTD version is 6.2.2-81. I would like to configure the management interface to the s...
We are installing an FMC 4000 into our network and wanted to use the 10 gbt ports on the chassis. We have some SFP-10G-SR sfp+ modules that we wanted to use. Can we use them for the FMC 4000? Are there specific sfp+ modules that we need to use?
Hi All, We're massively cleaning up firewall rules to harden the network, but on some interface we have some permit ip any any rules which ofcourse are hit massively. I want to further investigate this but haven't done this before. What is the go...
Hello, I have a problem connecting to ASA 5505 via ASDM. I am able to download and start the application but as soon as I start in put in the IP address it gets stuck on the login page saying "connecting to the device". Java logging shows the error...
So we have a pair of firepower/NGfws (asa 5555x) and we are upgrading our internet connections in 3 locations...2 of which are getting a new IP space. We do ALOT of stuff on our firewall, aside from NAT for outbound web surfing, we have statics for ...
what is the difference betwenn URL filtering Feature and URL, DNS, IP Address feature from Security Intelligence? Where should i apply the url filtering feature and when the security intelligence feature? I am confuse about these two feauture because...
Hi All, Recently during IOS upgrade in Cisco ASA pair (active/stby), users experienced partial outage after I failed over the traffic to secondary ASA, while upgrading the primary. Basically connection table didnt get replicated completly. So how t...
Resolved! Cisco ASA 5516-X Licenses
Hello Guys,I want to know please if there's a way to install the license of the ASA 5516-x from the FDM without Smart Licensing.
Hello. I have two L3-switches, they are as default gateways for other devices and provide fault tolerance by the VRRP. On these devices i manually created ACL, the rule must be edited and added on both devices. Is there any way to configure replicati...
Resolved! the rommon mode tftpdnld command error
hi everyone I wanna upgrade my asa os from tftp server. I set this variables in rommon mode: ROMMON Variable Settings: ADDRESS=172.17.17.216 SERVER=192.168.199.17 GATEWAY=172.17.17.214 PORT=Data0 VLAN=900 IMAGE=asa916-10-smp-k8.bin CONFIG= LINKTIME...
Despite reading for days, I feel like I'm missing something fundamental. The TID option of FMC needs sources. Cisco doesn't provide sources? (That's a question, maybe I'm missing something). I've seen recommendations to use AlienVault OTX and Haila...
Hello , I need to put 2 Cisco 4120 in cluster (active / passive) Can the clustering be done using the 8-port 1Gbps copper, FTW (fail to wire) Network Module ? Thanks
Resolved! LACP on Cisco firepower 4120 in cluster
Hello , I am planning to put 2 Cisco firepower in cluster. For redundancy purposes , i was planning on performing LACP on the firepower for my trunked (about 50 vlans) interfaces. Is this feasible? The firepower will be connected to a 3850 stac...
Resolved! Cisco firepower ngips SSL inspection
Hello , a company is acquiring a cisco firepower to protect their ebanking website (SSL encrypted). IPS signatures will be activated to protect the Ebanking website , but all traffic going through the firepower will already be encrypted. Questi...
