Network Security

Resolved! ASA + fiepower to FTD

Hi ALL, I have to migrate from Cisco ASA + Firepower (5585 ) to FTD 4110, can you please guide with me steps to follow. I didnot see any documentation to migrate the firepower polices to FTD , only ASA to FTD migration documentation available.

FTD assign the IPS policy to ACL

Experts Please correct me n FTD do we assign the IPS policy to ACL or do we have to create an inline pair. Am moving one firewall and one IPS to FTD.

Resolved! Upgrading non X ASA

Hi, One of our clients has an oldish 5512 ASA that is not Firepower capable so does not have the "X" designation. We wish to upgrade this to deal with the recent vulnerability discovered with the webvpn component. I have the requisite support contrac...

Reconfigure ASA interface to make it trunk, Impact on SFR module

Hello, I have an ASA Firewall with SFR capabilities that has 2 routed interfaces: Inside and Outside. I need to reconfigure the physical inside interface, make it trunk and create 2 subinterfaces: one will be the previously inside interface and add...

Upgrading ASA 5545-X (9.5 to 9.8) having SFR module

We have ASA5545-X with SFR module installed. i need to upgrade ASA software from 9.5 to 9.8. and i want to do the upgrade only on ASA. while i dont want to make any change to SFR. i am confused whether upgrading ASA software will have any impact on...

ASA 5506-x doesn't see sfr module

Good day forum users. It is my first post here, and I am seeking for your support on one problem . I am trying to first setup the ASA5506-x and it seems that something missing in image file shipped with HW: firepower# show module all Mod Card Type...

Dual Homed ASA?

We have an Active/Standby pair of ASA5520 devices connected to the core with a /27 public IP address. We also have an Active/Standby pair of ASA5525-X devices connected to the core with a /28 public IP address. The default route from the core goes ...

FirePower 4110 + Radware Defense Pro services cohabitation and performance

Hello.A customer has today up&running a FirePower 4110 with Thread Defense + Malware License. He now wants to add Radware's Virtual Defense Pro.From the HW perspective, is it needed to add something else?From the services chaining, could all the serv...

Resolved! ASA : How to restrict outbound internet traffic to specific domains & deny rest

Hello All, I am new to ASA & looking for some guidance. We have internet access working via our ASA. We have lot of servers in our internal network with their apps/ services that make outbound connection requests to their respective vendor websites o...

ASA real-time log viewer

I currently have an ACL set to log informational events and when I use the real-time log viewer in ASDM it seems to miss some of the events. I can see the hit counter increment, which I have set to update every 10 seconds, but I do not see an event i...

Add NAT to allow AnyConnect VPN to access local subnets

Hello, I've recently factory reset our ASA (moved buildings) and it's all up and working now and users have local desktop Internet access. I'm now configuring the AnyConnect client and when connected my laptop can access our remote subent where our...

Resolved! Understanding NAT, ACL & Routing Procces on Cisco ASA

I normally configure my Cisco Routers without any problem. But for now, I have problem to migrate 1 ISR 2921 configuration to ASA 5508-X. I have problems with: - dynamic PAT - static PAT - inter-interface flow traffic and more, much more. I saw and...

Can't apply ACL with ASA5510 but can apply with 5512x(same ios version)

I can apply below command with asa5510 but can't apply with 5512x (same ios version) don't know why it's not working access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_196 object-group DM_INLINE_NETWORK_197 object-group...

Upgrade ASA over VPN via inside interface

HelloI am trying to upgrade a Cisco ASA over an IPSEC VPN tunnel. My FTP server is on the remote side of the VPN tunnel but I am initiating connections from the inside interface of the firewall. I am currently managing the Firewall over the VPN via i...

Need to block Cpanel ports in ASA 5550 please

Dear all, Sorry, I posted the same in discussion and thought I will also post it here, sorry again I need to stop clients from accessing Cpanel ports outside our network. The issue we have is that our home page is hosted by an external company and...

Network Security

Forum Posts

Resolved! ASA + fiepower to FTD

FTD assign the IPS policy to ACL

Resolved! Upgrading non X ASA

Reconfigure ASA interface to make it trunk, Impact on SFR module

Upgrading ASA 5545-X (9.5 to 9.8) having SFR module

ASA 5506-x doesn't see sfr module

Dual Homed ASA?

FirePower 4110 + Radware Defense Pro services cohabitation and performance

Resolved! ASA : How to restrict outbound internet traffic to specific domains & deny rest

ASA real-time log viewer

Add NAT to allow AnyConnect VPN to access local subnets

Resolved! Understanding NAT, ACL & Routing Procces on Cisco ASA

Can't apply ACL with ASA5510 but can apply with 5512x(same ios version)

Upgrade ASA over VPN via inside interface

Need to block Cpanel ports in ASA 5550 please

Cisco FTD/FMC IPsec Tunnels: “Up” Doesn’t Always Mean Working

Cyber Vision Sensor version

FTD 7.2.5.1 → 7.6.2 Upgrade sftunnel TLS Failure — Certificate Mismatc

Suppress Closed Responses on Non Existent TCP/UDP Ports

FMC Upgrade to > 7.4 || 7.6

How does BGP flowspec work

FTD to AWS VPN gateway IKEv2 phase 1 lifetime mismatch

IPs needs to excluded from protected network Site to Site VPN on FTD

FTD HA Pair - Config Sync Status: What does "Sync Skipped" mean?

FTD Route Based VPN question