Network Security

Firepower SMTP Block Malware

Hi, On our Firepower system we block all incoming malware after file lookup. We have an issue on incoming SMTP traffic; because the incoming malware has been blocked (and connection is reset), the sending SMTP will retry to send us the same mail wit...

how to backup and/or restore rsa host key for ios-xr

So it seems the rsa host key is stored in a database in one of the ios-xr filesystems. I've been tasked with restoring both RSPs on router, and while having backup configs, licenses, and snmp folders have all been prescribed, I'm very concerned about...

ASA CX module installation problem

We recently purchased a license i.e. ASA 5512-X CX Application Visibility and ControlAs part of the process we had to install ASA-CX module ; We caught up in trouble while doing that.As per the manuals , we did upgrade the ASA software (to 9.1.2) alo...

Cisco ASA 5506-X Help with AnyConnect VPN Client Connection

I have a new ASA 5506-X. I would like to connect to it from my Windows PC using the Cisco VPN Client on my PC. I did not purchase any special licenses with my 5506-X. Are VPN connections supported to this ASA out of the box or do I need to purchase a...

ASA PBR Hairpin Issue

My objective is to intercept traffic from a particular subnet (192.168.5.0/24) that has been directed to the ASA as the default external route and then redirect that traffic to a proxy server that exists on the ingress interface. I've set up the PBR...

Resolved! firepower ips config guide

folks I have a pair of 5585x boxes with firepower and I have to set up the firepower ips I only want ips so I'm looking a simple guide to understand how to configure and deploy a firepower ips policy can someone point me in the right direction please...

Lots of connection with UfrIOB Flag

Hello, For particular one session we are seeing lots of UfrIOB Flag. Any reason for that ? tap-glm XXXXXX:2917 glm-old-backend YYYYYYY:80, idle 0:00:43, bytes 1257, flags UfrIOBTCP tap-glm XXXXXX:2915 glm-old-backend YYYYYYY:80, idle 0:00:43, byt...

SNMP Traps for DMVPN Spoke/Hub Routers Using PKI

Hello, I'm trying to find information about PKI SNMP Traps for DMVPN spoke/hub routers using PKI. I found a document that touched on it but it was related to a Cisco router configured as a CA server. I need to know if there are SNMP PKI traps for spo...

ASA to SW-Module communications - troubleshooting potential packet loss

Hi All, I wanted to share something that I've found useful during troubleshooting. [Sorry for the wall of text in advance] I have on open TAC case where we see some issues with the Firepower Control/Application features. Basically, we have an ACP rul...

Citrix receiver error connecting through ASA VDI

we Have configured ASA Remote access web ssl vpn and configured the VDI Access to Xenapp 7.11 application when we try to open the application it is given us error (HdxSdkErrorDomain_Session error8). we have recently upgrade GeoTrust ssl certificate...

Resolved! What is my current traffic load ? - Cisco ASA

This would be a mostly talked question, would like to conclude from a Cisco TAC. How to calculate the current traffic load Mbps from the traffic logs. 1. clear traffic 2. show traffic 3. Go to Aggregated traffic section I am sharing a sample output...

FirePower 6.0.1 bug details needed

Hi all, I suspect my FirePower are hitting the below bug because everytime application opening/closing for traffic surge the Firewall(or FirePower) will experience few minutes of traffic dropout and recovered by itself. http://www.cisco.com/c/en/us/...

MAB and Cisco ACS 5.8

Hi, We are trying to configure standalone MAB feature for the authentication of devices based on MAC address only. Here is the relevant configuration for the switch: interface GigabitEthernet1/0/23 switchport access vlan 5 switchport mode access swit...

Resolved! Can you mannually Download the VDB updates?

I have to install an ASA with FirewPOWER service in a completely isolated environment with no internet access. Is there a way to manually down load the IPS signatures then manually update the database? if so where would I download these from? I have ...

OVAL file in Cisco Advisory

Hello,I have a question about OVAL file from advisory http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ios-ips. Is it right that all line tests have the same states?

Network Security

Forum Posts

Firepower SMTP Block Malware

how to backup and/or restore rsa host key for ios-xr

ASA CX module installation problem

Cisco ASA 5506-X Help with AnyConnect VPN Client Connection

ASA PBR Hairpin Issue

Resolved! firepower ips config guide

Lots of connection with UfrIOB Flag

SNMP Traps for DMVPN Spoke/Hub Routers Using PKI

ASA to SW-Module communications - troubleshooting potential packet loss

Citrix receiver error connecting through ASA VDI

Resolved! What is my current traffic load ? - Cisco ASA

FirePower 6.0.1 bug details needed

MAB and Cisco ACS 5.8

Resolved! Can you mannually Download the VDB updates?

OVAL file in Cisco Advisory

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Cisco IPS & Symantec ATP CAS - Oracle Java

Question on S2S Tunnel to Azure using FTD or Azure Native S2S

Setting out TCP MSS on FTD only for non-ipsec endpoints

Cisco Stealthwatch ipfix exporter

FTD Configuration Resource Utilization

Emergency Reset Appliance

Cisco 2130 FPR Upgrade

FTD issue with Anyconnect authenticating via AD

Windows Directory Rule on FMC

VPN failing to come up following migration..