I'm in process of learning and implementing the user agent solution for AD dealing with Firepower Identity management. Reading in the directions, the user agent can handle 5 Domain Controllers. My environment has no less than 8 DC's. Will I have t...
Forum Posts
HI I have the below proposal for new setup and I need design advice Network devices: : 3- Internet service providers’ for 3 different networks(not for High-Availability only for three different service (Separated) . 3-Cisco 800 Series router for int...
I've created a new realm in the FMC 6.2.2.1 and input all of the required information. In the user download section, I'm able to see all of the Available Groups in our domain. However, the automated downloads are failing every day -- "unable to downl...
Hello, I'm new in the community of packet tracer. I am trying to create a VPN between 2 Cisco ASA 5505 (Site to site) via packet tracer. I would like my PC from my Site 1 (192.168.1.1) to ping my 2nd PC from my Site 2 (192.168.2.1) Unfortunately if ...
We are going to upgrade our firepower platform. We have cluster FMC4000 (Active/Passive), and two sensors (FP4140). These are the current versions:FMC4000FTD version: 6.2.0.2FP4140:Firmware 1.0.10FTD version: 6.2.0.2FXOS version: 2.1.1.77-----------...
Hi, I have been assigned to install and configure Cisco Firepower 2130 Appliance. but I am not getting where to start as I am not getting relevant documentation. Please clarify below points: 1. Cisco Firepower 2130 master bundle 2. Cisco F...
I am currently working on a project to install new IPS module on existing standalone 5515-x ASAs. The ASAs are on the 9.2(4) 20 version. Based on the ASA Firepower compatibility matrix, there seems to be a bug issue (CSCuv91730) with this version d...
Resolved! How to ACL restrict L2L Peer Connections
I'd like to restrict incoming L2L traffic to just my list of allowed peers. What's the best way of accomplishing this?
When I do a wireshark capture on a switchport, I see my client's SYN go out and the SYN ACK come back within the same second. However, on the FWSM module sitting on the same switch, the SYN ACK doesn't arrive until after 30 sec and so it gets dropped...
Resolved! ASA Sensor upgrade fails
I will readily admit I'm still learning the platform I inherited. I have a Defense Center version 5.4.1.3 virtual appliance, and an ASA 5515-X running sensor code 5.4.0 that I just recently reimaged to get it working properly again: Sourcefire Li...
When you have a sla monitor configured for fail-over internet. If this was my config below assuming it was configured correctly elsewhere. Does it fail-over if 1 packet doesn't reach 8.8.8.8 or does it need all 6 packets to fail before it fails over?...
guys can you tell me how to check if webvpn is enabled on a firewall. Thanks ravindra
Resolved! Allow only maps.google.com
Hello, have a problem with rule for ASA 5505. I need block all tarffic except maps.google.com:regex googleMAP "maps\.google\.com"class-map type inspect http match-all BlockDomainsClass match not request header host regex class DomainBlockListpolicy-m...
ASA 5512-x requires new IOS. we discovered today that when we try to upload new IOS to flash either via ASDM or copy cli command the ASA reboots. We are running IOS code 9.1.1 anybody every encounter this?
Hi Is this possible, I want to Route a loopback address residing on the outside LAN context to the the MGMT 0/0
