We have an Firepower 4110 running 7.0.4 managed by an FMCv running 7.0.4. We've been dealing with a nat exhaustion problem recently, so I've been watching asp drops to make sure the issue is resolved. In the meantime, I've noticed the firewall is rep...
Forum Posts
I am admin of a FTD cluster in a Cloud Delivered FMC, and we are In the process of a migration process. There is over 400 vlan interfaces. We need to be able to shut/no shut them on cue from the ISP etc during the process, and in worst case revert th...
Hey folks, I know this might be a bit off topic, but I’ve been looking into DMCA ignored hosting and was wondering—does it actually protect your content from takedown requests? Is it truly safe or just marketing hype? Anyone here have real experience...
Is there a way to apply the same change to multiple rules within an access control policy?Recently I had to enable logging on every single rule withing an access control policy and now I have to enable the IPS policy to every single rule. Is there a ...
I have a Cisco ISR 4431 with an extended ACL using network/service groups. One of my network object groups is called Abused_IP and I normally add in hosts/network which I suspect is doing port scanning etc when I go through my netflow analayzer. This...
Hello,Have two 3130's. Set up individually and then set them to do HA. Come to find out we are going to use SFMC. SFMC requires the HA can only be enabled AFTER the devices are connected to it. I broke HA and expected the original IP I used for the s...
Resolved! Juniper to Cisco ASA
Hi 2AllWe are moving from Juniper Firewall to Cisco ASA.Are there any config migration tool from juniper to Cisco.Are there any cisco ASA simulator to get some hands on.Is it recommended to have 8.3 or 8.2 software version on ASAAny recommended books...
Hello,FTD's 2110 running 7.4.2.1 in HA. and ultimately trying to setup a site-to-site vpn between this FTD pair and anther FTD pair at our other datacenter. However, right now I'm just trying to route plain old internet traffic out of my second outsi...
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) in cisco Catalyst 9300 We have run vulnerability cisco Catalyst 9300 and we find the above vulnerability. All software is up to date.#show ip sshSSH Enabled - version 2.0Authentication method...
Hello everyone, I'm having a situation at a client which previously (1 month ago) had a FMCv 6.2 version whis was working fine untill one night. For some reasons the database of the vm has crashed and we had to rebuild the vm (no problem here - life'...
Resolved! Cisco SNS 3755
I am trying to use the fiber connections on the SNS 3700 but I am unable to ping the appliance. The ip address is configured on the appliance on port 0 but the appliance is shown to be connected to the switch on port 2. Is this correct or is there so...
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy19415 -> Is this a default behaviour of FTD Devices in HA Pair ?Active Secondary FTD device is sending syslog messages using the hostname of the Standby Primary device
Resolved! FTD SSE Connector Service down
Hi to all,i am running a pair of FTDs in HA. They run 7.2.8.Suddenly the backup pair started announcing that the SSE Service is down (please see attached png for FTD-2).The primary FTD (FTD-1) works OK and the SSE Service is user disabled as i have d...
Hi all, Now we are using RA VPN in Different firewall ,Will enable RA VPN In FTD manage by FMC Flow -External user -Permitter firewall FTD -RA VPN firewall FTD - AAA-Cisco ISE -Mostly Authentication -Certificate + OTP Now our main concern is how ...
Hi, I am moving from 5506x working in asa mode to firepower 1010 in ngfw mode. It is being used in a remote location mostly to protect web servers in a datacenter and I want to monitor the temperature of the unit (Munin is charting the data). For 550...
