Network Security

Resolved! What Equipment is Needed for CCNP Security Lab

Hello,Im Looking to find out what Devices are needed for a ccnp security home lab. I keep hearing that 2 5510's are a must for labbing. The downside Is the Prices avg $800 each on the low end. I also saw some ppl had an ips in their lab. Im looking t...

Cisco ASA 5510 - denied due to NAT reverse path failure.

Hi All, Would you be able to shed some light on the below error message? If you could look at the screenshot attached, it will show you the current setup. I have set this up using the ASDM, the packet is being denied when going from: Outside R1 to...

Firepower High Memory Usage

Good Day, I have a concern from my customer, claiming that the memory usage from CLI and meanwhile GUI shows that the memory is normal. And now my customer also claims that the software doesn't tally to the hardware. Any way in particular that I can...

Resolved! URL filter rule for “directory” part in URL ?

Dear, I have a question about “Block and Allow Lists with URL filter function on ASA w/ FirePower” When we using “URL Filter function”, is possible to we can create manual url filter rule(or access list) as like bellows? Allow to http://hosta.c...

Resolved! ASA 5516-x With Firepower services and active/active failover

Hello everyone, I have two ASA 5516-X setup in an active/active failover. I have also installed and succesfully bootstrapped the firesight management center with the two sfr modules added and licensed. And, at this moment I am reading through the f...

firepower web interface password reset

hi i am trying to reset the password for admin user (for the web interface) for my firepower mgmt center with the following command sudo usertool.pl -p 'admin Sourcefire' but when i run it i see the following error message Password length is 0 at...

Firepower 6.2 ASDM - syslog timestamp question

Hi. I am working my way through the 45-day eval of an ASA5506 Firepower IPS and have resolved most of the problems. One issue still remains: Even though ">show time" displays correct time for both UTC and local, all syslog messages are stamped with ...

ASA PBR issue

hi, i facing a PBR issue on ASA, as i know , the normal PBR format is: access-list to_ADSL extended permit ip 192.168.1.0 255.255.255.0 any route-map my_map permit 100 match ip address to_ADSL set ip next-hop 100.0.0.1 then apply it on the interfac...

FIPS Compliant verification

Hello, I am in need to verify that I have configured our ipsec tunnel to be FIPS compliant. Here is a sample that I created to make sure I am good: crypto ipsec ikev2 ipsec-proposal testing protocol esp encryption aes-256 aes-192 protocol esp integr...

Downgrading Cisco FirePOWER 7020 Sensor

Hi Team, Can you please let me know, how to downgrade the Cisco FirePOWER 7020 sensor from 6.0.0 Build to 5.4.0.9 remotely. Request to share the steps involved in downgrading remotely, as I don't have physical access to the device. Thanks, Murali ...

firesight report

Hi, Based on the attached screenshot on the report. What is the root cause IP and destination IP for faceboook application ? Can we find in the firesight analysis ? Appreaciate it thank you

Resolved! ASA -----User with low privilege

Dears , i want to know which privilege i suppose to use to allow certain user to do "sh version" command as i tried some privilege and they all do the same as privilege 15

Resolved! ASA 5525X dropping all DNS queries

Hi All, I have a problem since Friday and no shared support has not been renewed so I cannot open a TAC case. We have found that the ASA 5525X on ver 9.4.3(8) just started to deny all DNS requests. We have an ACL that allows the Internal DNS server...

Firepower URL Filtering Download Failure

I'm hoping someone can help here. I have a Firepower Management center (virtual). Version 6.1 I'm getting a critical health monitor error URL Filtering Download Failure. all the procedures to troubleshoot on the web are for 5.4, and things don't l...

Resolved! FirePOWER SSL Decryption using Wildcard Certificate

Does anyone know if wildcard certificates are supported for SSL decryption? I can install the wildcard certificate but into the FMC but when I use it in my SSL policy I receive certificate errors when going to HTTPS sites. The wildcard cert is signed...

Network Security

Forum Posts

Resolved! What Equipment is Needed for CCNP Security Lab

Cisco ASA 5510 - denied due to NAT reverse path failure.

Firepower High Memory Usage

Resolved! URL filter rule for “directory” part in URL ?

Resolved! ASA 5516-x With Firepower services and active/active failover

firepower web interface password reset

Firepower 6.2 ASDM - syslog timestamp question

ASA PBR issue

FIPS Compliant verification

Downgrading Cisco FirePOWER 7020 Sensor

firesight report

Resolved! ASA -----User with low privilege

Resolved! ASA 5525X dropping all DNS queries

Firepower URL Filtering Download Failure

Resolved! FirePOWER SSL Decryption using Wildcard Certificate

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Cisco FTD portscan

ASA-AWS - EC2 IMDSv1 required for the PAYG license to be applied

how are blocking cookie and java be applied in real situation?

Comm test between subinterfaces and physical ports in ASA Firewall

Queries with Cisco Secure Client 5.1.3 & ISE

is this flow impossible?

DDOS and "Error processing payload: Payload ID: 1"

ASDM unable to login for v7.18(1)152

Logging Informational Configuration in Cisco ASA

ASA 5516X Memory (DRAM) Upgrade