In the installation of FTD 7.6.2 (recommended version) in a new Cisco Firepower 1120 loaded with ASA v9.20.3. We attempted to reimage the appliance using the console USB port. We downloaded the installation image from the Cisco Software portal (check...
Forum Posts
We have a Cisco ASA 5585-x in multi-context mode in our environment. I did a packet capture in one of the contexts and analysed the same on CLI. However, I would like to export it and view the same on Wireshark but my attempts were not successful. I ...
For ASA webvpn we request a certificate from the client which is checked against an internal CA.We have configured revocation-check with protocol ldap and it is working.Certificate has CRL URI:ldap:///CN=xyz.-abc-CA2(4),CN=ABC-CA,CN=CDP,CN=Public%20K...
Resolved! FMC, pxGrid and SXP
Hi,Quick clarification. In the FMC, when it says "Subscribe to SXP topic", does it mean that the FMC gets the SGTs data from SXP over pxGrid, right? That's why we need to have the "Publish SXP bindings on pxGrid" checkbox enabled in ISE and there is ...
Good Day All, Hoping you can help me here. I have an old SKU for FMCv on vmware. (FS-VMW-2-SW-K9) Though I'm trying to renew the support SKUs attached to as well. (SWSS/CON-ECMU-VMW) However, because the above FMCv SKU is end of sale. Is there a gene...
I have experienced the weirdest thing. I converted a fpr-1010 from ASA to FTD. I only had port 1 and the management port connected. I was able to configure it, obtain licensing and test out anyconnect. As soon as I would connect anything to any o...
Hello,I am a little confused about the following statement on the document Security and VPN Configuration Guide, Cisco IOS XE 17.x - IPsec Anti-Replay Window Expanding and Disabling [Cisco IOS XE 17] - Cisco"Moving QoS scheduling before the encryptio...
Good Day Everyone.I have a Cisco Firepower Management Center for VMwareSoftware Version 6.5.0.4Operating System Cisco Fire Linux OSOperating System Version 6.5.0that is attached to an ASA5508 Can I safely shut down the Firepower Management Center VM ...
Hi Community,Before upgrading FMC to version 7.4 or later, please verify whether you have an FTD or eStreamer service connected to the FMC in the subnets 172.18.0.0/24 or 172.18.1.0/24. This is important because, after the upgrade, two additional i...
Resolved! FMC External Authentication
Hello,We have Cisco FMC, version is 7.0.1I would like to configure access to the FMC based on AD Groups, integration done thought LDAP. At this moment we have 2 AD groups:First - Full Access (Grant-FMC-Admin), Second - Read Only Security Analyst (Gra...
Hello everyone.I'm currently setting up a FMC and while attempting to use external authentication via LDAP, for some reason the FMC is not querying properly.Basically whenever I attempt the test the query, it only finds user machines and groups CNs ,...
I've setup Remote Access VPN on FTD 1120 using FDM method. I've used the following link to configure the firewall. https://www.cisco.com/c/en/us/support/docs/network-management/remote-access/212424-anyconnect-remote-access-vpn-configurati.htmlThe iss...
Resolved! Talos Connectivity Problem
Hi to all ,i am getting many messages as the following:Severity: criticalModule: Talos CommunicationDescription: 3 modules failed:* URLDB- Failed to retrieve beaker inventory* LSP- Failed to retrieve beaker inventoryMy subscription is active (it expi...
Dear Team, We have requirement to configure GRE TUnnel with Zscaler in Cisco Firepower Is it possible to create GRE Tunnel From Cisco Firepower ? if it is possible can you share any document for this configuration Regards,Harmesh Yadav
My team recently stood up Cisco's Secure Network Analytics (SNA) utilizing it's Adaptive Network Control (ANC) Policy enforcment with ISE via pxGrid but SNA is using the default alarm thresholds which are triggering quarantines within the production ...
