In one or more of Cisco Press books, recall seeing the recommendation to not place any 4 tuple packet filtering rules in the main ACP but instead put them in the prefilter policy for performance improvements. In discussing with another FTD practition...
Forum Posts
Hi, I need to change the management IP of both FTD running in HA and FMC will be the same. Please suggest how to do it best way, as after de-registering from previously IP from FMC, we need to re-register to FMC with new IP.
Hello All,We have added FTD into FMC Device management. There is no Data being shown in FMC Dashboard. Could you please let us know how to get Data (Users/ Activity/ Active sessions) in our Dashboard.Your help will be very useful to us to analyze the...
Hi,We have changed the FMC password from GUI. We are not able to access CLI with local users and showing 'Access Denied'. Previously we could access with same password of GUI.We don't have any LDAP or RADIUS. Please guide to solve this issue.
Resolved! FMC and FTDv
Hi,I would really appreciate someone's help. I spent too much time and having no clue what's wrong..I have a setup of simple lab in EVE-NG. I've added a static IP to Firepower6 FMC (version 7.2.0) and works normally. I've tried adding a static IP and...
Hi,i tried to get a grip of cisco's semgentation solutions. i'm a bit overwhelmed by the information and don't know what to make of it. could someone please explain to me in simple words what trustsec and secure workload are and what their primary us...
I need to test to see If I'm still mapped to the Vlan after having removed the AAA mapping for the AD group I am mapped to. Ill verify the AD group used to map to ASA group Policy. Where do I go in ASDM to remove the AAA mapping for the AD group I am...
Hello,I am trying to connect to Firepower through our web gui and I keep getting a time out. I was unable to access our FMC to restart because our CPU was at 100%. So after adding more memory that fixed that issue but after restarting services I am s...
I have a couple other posts on this topic for ISE and FMC, but have decided to split them up so not to mix up answers for the different technologies.The server team will be replacing the existing AD servers with new ones shortly. The new servers hav...
Hello all, I have an issue regarding traceroute result "time out" passing through ASA to outside (public). I have two public ip addresses at ASA, one is assigned at outside interface which translate (NAT) for some networks (192.x.x.x/24). Another one...
Hello guys I need your help, I already have my firewall configured, but when in my Google browser (firefox, chrome and microsoft edge) I write my ip that I configured in the interface and connect with an ethernet cable, it does not respond. In the CM...
Hello Team,When it comes to shared services blocks like WLC, ISE, DNAC, and DHCP, do you typically deploy them behind the data center firewall in the data center block for an extra layer of security, or do you prefer to place them on the core side of...
Well, I already configured it, when in my Google browser I write my ip that I configured in the interface and I connect with an ethernet cable, it does not respond. In the CMD if I reach that ip.Firewall Configuration:Ping from my computerBrowser:
Resolved! FTD Manager ip address change
If the ip address of an FMCv manager changes in FTD, can I re-enroll the same manager without losing configuration artifacts by adding another manager with the same parms other than the ip address?To say it differently, is there ANY PROCEDURE that al...
Dears, I have issue with rules ,i created 2 rules from fmc ,Rule1 deny all internet access for specific network or vlan for example server vlan 172 Network 192.168.172.0 and 172 192.168.173.0 . and rule2 allow access network or vlan for example serv...
