Network Security

Resolved! Best ACL for internet facing port

What is the best way to create an ACL to be used on an internet facing edge port to keep the logs down when packets are denied from devices not permitted according to the ACL? Is there anyway to hide the public IP from the internet?

Resolved! FMC doesn't show me task status

I have a FMC1500 that manages 6 firepower sensors in my ASA firewalls. I recently upgraded the FMC to 6.0 and patched it. Now I am trying to upgrade the sensors to 6.0+. On an ASA running IOS 9.6.3, I tried to install the 6.0.0__Pre-install-5.4.1.999...

Resolved! IP Address of Slave Unit in ASA Cluster

I have a pair of ASA 5585s that I've configured in a cluster.FWL1# sho cluster infoCluster HQASA: On Interface mode: spanned This is "FWL1" in state MASTER ID : 0 Version : 9.0(2) Serial No.: <removed> CCL I...

ACL Impact and Limits per ASA Platform

Our company is a SaaS provider. Our security team requests that the OUTSIDE_Inbound ACL be expanded to include ACEs which reject entire countries via lists of subnets. The ACEs number in the thousands. The network team's concern is 'flatlining' t...

Design review ASA, vPC, fabricpath

Hi everyone,I found some designs in our network which I haven't seen in any configuration guides. I hope that someone can have a look at our network and point out some design errors or missconfigurations. Attached you'll find a picture with the topol...

Disable FTD Subinterface via API

Hi all, I'm now to the FMC API, and FTD in general. I have been tasked with creating an automated process to disable a subinterface on an FTD. I am able to pull the subinterfaces, but do not appear to be able to change the state via the API. I hav...

Resolved! ASA Stie to Stie VPN architecture

Our company has two IPS planning an IPS to USER using the Internet access, and the other would like to establish a branch to the branch office for the use of the company's internal services, whether both site are Cisco ASA equipment can achieve this ...

FMC not blocking URL

Hi All, I have setup an access policy to block access to porn and gambling yet the number 1 hit on google can be opened . am I doing something wrong here?

Resolved! Route Server Access

I have a FW (2) that have to segments one for data and one for voice (see attched image) and I want that those segments reach the servers segment behind another FW (1) also between the two Firewalls there is L3 switch.(image attached) Could you pleas...

Cisco ASA 5506-X or Cisco ASA 5516

Hi This maybe a quick answer for you out there.I am not a Cisco tech but have enough to understand basic networking.I need to install new ASA firewall and Router, and I am not sure which one to go - Cisco ASA 5506-X or Cisco ASA 5516?I have 75 users,...

Creating security zones

In current configuration, there are no security zones configures as of now.

Health monitoring severely behind schedule- policies not getting applied

1, FSMC show 2 critical health errors for SFR & Sourcefire3D related to time synchronisation. - Module Time Sync is out2. Also showing -Health monitoring severely behind schedule error in health. Any ideas on this issue . How I can resolv the issue?

Installing ASA software on 41xx

Hi, If i wanted to install on ASA Software on 41xx Chassis, what license we require? as far as i know, we can't Install FTD if we install ASA SW, so we don't need FMC to manage the Firewall? will also the old ASA CLI be available or do we need to In...

Smart Net Support

1. Can share if SourceFire have support coverage in these countries?2. What SLA are available?3. Can we engage the remote service to help reconfigure back to last config and so as that we can remote via internet for any further setu...

Can't Open Spam Quarantine page on IRONPORT

hello,i have Cisco c 160 ( version 8.0.1-023),i want to realse mail from spam quarantine,when i select monitor>spam quarantine >press on the number of the mail ,the new windows open but with "canot display the webpage" ,these way i can't release mai...

Network Security

Forum Posts

Resolved! Best ACL for internet facing port

Resolved! FMC doesn't show me task status

Resolved! IP Address of Slave Unit in ASA Cluster

ACL Impact and Limits per ASA Platform

Design review ASA, vPC, fabricpath

Disable FTD Subinterface via API

Resolved! ASA Stie to Stie VPN architecture

FMC not blocking URL

Resolved! Route Server Access

Cisco ASA 5506-X or Cisco ASA 5516

Creating security zones

Health monitoring severely behind schedule- policies not getting applied

Installing ASA software on 41xx

Smart Net Support

Can't Open Spam Quarantine page on IRONPORT

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Configuring OKTA SAML on FTD 7.2.5

Palo Alto to Cisco Migration Tool count_summary error

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

firepower custom URL feed in ACP rule

Need to restore new FTD2100 via locally/FDM with backed up configs?

How to - ASA trustpoints must be manually migrated to the management

FMCv in Azure Hosting Multiple HA Clusters and License

please help me configure TFTP access-list on ASA for device management