Can someone help to find out mitigation of CVE-2024-20271. as per cisco, there are saying work around is not there and fix to upgrade version. However, the http where this info is updated is saying that vulnerability is affected to AP.For my device,...
Forum Posts
Resolved! Firepower 2130 - Factory Reset
How do you go from appliance mode back to platform mode? We are trying to convert our Firepower 2100 to running FTD. We've tried booting in rommon and applying factory-reset and boot, it goes back to loading the ASA in appliance mode. These commands...
Resolved! NTP vulnerability issue
Hi all, From the vulnerability scan, we got the below issue for NTP for Cisco 3850 switch. Could somebody please advise how to fix it. An NTP control (mode 6) message with the UNSETTRAP (31) opcode with an unknown association identifier will caus...
Resolved! Cisco 1120 upgrade question
I currently have an 1120 running in appliance mode on ver 9.16(1) and need to upgrade due to a vulnerabilty.The current recommended version is 9.18.4.29 (June 2024), although I would be more tempted to go for 9.18.4.24 (May 2024)I cant find any docum...
Hi All,I downloaded the asdm-openjre-7191-90.bin (Cisco Adaptive Security Device Manager for ASA 9.8-9.19 integrated with OpenJRE) BIN file and I have no clue how to execute this.I did some googling and from what I found you need to burn it to a CD a...
Hello All,I have a brand new Firewall 3105 and we have completed the initial setup and inside and outside interface,route and nat configs. Before the cutover of production traffic from existing firewall I need to test the traffic with Sample policy i...
We have FMC and FTD , In FMC we configured Blocked traffic ACCESS POLICY , but while checking in FTD(CLI) one more ACL( Ifc Outside any any allow) showing with same rule-id 26844160. any ideas how to find this ACL in FMCACL in FTD ========access-li...
Company's FTD license expired and I am trying to review any documentation to unregister the expired FTD license and install this temporary one. License was done as a SLR and in an air gaped deployment. Wanted to first try this forum before submitting...
I have three c1000 switches in my environment that are returning the following finding on our internal vulnerability scans: Name:Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSH, D(HE)ater) Severity:High CVE:CVE-2002-20001 Descri...
Dear Folks, I have Cisco FPR-4112-NGFW running with Cisco ASA Image with multi context mode. My customer wants to move into FTD image. running with multi context mode?Can we run Multi context with FTD image on FPR-4112 platform? In FTD, Will Multi co...
Hi,I am charged with replacing our ASA 5525 with a Secure Firewall 3100. the current ASA is bloated with a lot of dated configuration. However I have managed to consolidate the NAT rules but there are still a lot. How do I copy/paste the NAT from ASA...
Hi all, I have an FTDv in Azure and traffic going towards the public IP is not being natted towards an internal server. I see the traffic hit it in the packet capture but no nat rules are applying and it is not being forwarded inside because of that:...
We've just setup 3105s in HA with a FMC When we failover the FW, and check the route table we cant see our default route on it. it takes over 20 seconds for the static route to be populated in the routing table. The outside interface is up and con...
Resolved! anyconnect vpn failed attempt logs
Hello,My firewall (cisco asa 5516X) is being hammered on with user accounts attempting to connect to my vpn via cisco anyconnect client.These are bad pword attempts and locking out these users. I have Microsoft MFA enabled for anyconnect connections,...
Resolved! SFP Down on FPR 4100
Am trying to configure the Cisco FPR 4112 box. So far Chassis management has been configured and am able to access and manage the box ok either via SSH or Firepower Chassis Manager. The connection to the box via the chassis management port is success...
