I have a strange issue that just started. One sensor of many will not successfully install policy. It has to be Defense Center related because I can apply policy to the sensor when registered to a different Defense Center. The errors that I see is...
I'm trying to install a remote FMC1000-K9 appliance using the cli to configure it.
Launching the java-based KVM from the LOM connection (which was brought up with DHCP), I login as admin, and run:
sudo /usr/local/sf/bin/configure-network
then I a...
I am setting up a ASA 5505-X for a client and I am having an issue consoling in. I downloaded the correct drivers via Cisco and connected my device. I see it appear in device manager VIA com4 and everything appears to be working correctly. I open put...
We have a pair of ASA 5520's in a cluster running asa 8.2(5)13 where the primary member has been off line for ~ 6 months.
I want to reintroduce the primary back into the cluster. There have been numerous changes made to the config of the secondary-...
Hellois there a way to see user to IP address mapping, and users AD group membership on FirePower system. I have some problems with user identification and want to check whether correct information is propageted to the FirePower system. Also, should ...
Good afternoon,
A coworker and I are currently experiencing some delay in replacing a Cisco ASA 5505 due to the application requiring an older version of JRE to execute. We have downloaded multiple versions of Java and experimented with commenting ou...
Hello - I have a question: If the primary PIX has died and the secondary takes the active role - is there any time limitations for ability to make configuration changes on it?Thank you!
Is it possible to change an ISAKMP VPN port just for one peer?
Say if we want to change this to be tcp port 45500, the command for this would be:
Looks like the command to change this is "isakmp ipsec-over-tcp port 45500" but this is enabled glob...
The Manual Deployment of firepower recommendations persistently is timing out. I have attempted to push out the recommendations after generating them to no avail. the system will appear that it is deploying them to the devices, but after about 20 min...
We are replacing memory in one of our FS3500 with 48GB, the old 12 GB RAM is removed. It seems a waste not to use that memory. We have an old DC3500 (without servicecontract) with 12GB installed and empty memory slots.
Can I add the 12 GB memory to...
Hello,
I just upgraded my FMCs to v.6.2.2.1 and I'm trying to work making our block IP automation a little cleaner. My initial plan was to put them in a security intel feed and have it update on a 5 min interval but unfortunately custom feeds can o...
HiI am currently facing issues with the DHCPRELAY Agent on the Cisco ASA (5555-X ,ASA 9.6) . We have the following deployment.Cisco AP -> Cat 3K -> Cat 6K -> ASA -> Windows DHCP ServerThe APs are not able to get DHCP and from the ASA I can only see D...
Created a CSR, obtained the certificate files, uploaded them to ASA505. Three certs in the CA Certificates; one in the Identify Certificate. All seems just wonderful. Now to make use of the SSL certs: when trying to associate the certificate to t...
I'm in process of learning and implementing the user agent solution for AD dealing with Firepower Identity management.
Reading in the directions, the user agent can handle 5 Domain Controllers. My environment has no less than 8 DC's. Will I have t...
