Hello,Can someone help with OIDs for SNMP NAT monitoring on Cisco Firepower devices? Does Firepower support CISCO-NAT-EXT-MIB for NAT or is there a firepower specific mib to find NAT related metrics?Thanks in advance!
Forum Posts
Hi,I found the CISCO-IPSEC-FLOW-MONITOR-MIB that contains OIDs to monitor params like Local Peer IP, Remote Peer IP, Tunnel Status, Encryption Algo etc. for Site to Site VPN. Also, CISCO-REMOTE-ACCESS-MONITOR-MIB that contains OIDs to monitor params ...
Resolved! Two Firewall in Different Locations
I have 2 firewalls in different locations (FW1 in City 1, FW2 in City 2). I also have 1 FMC located in City 1. How can I configure FW2 in City 2 if my FMC is in City 1?
High-severity vulnerability CVE-2025-20111 is related to Nexus 9k standalone mode and could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial-of-service (DoS) condition. This vulnerability i...
Hi All, I heard that there is a 90 day evaluation copy of FTD you can get from Cisco. But look like when I tried to access Demo License Section with my Cisco ID it is giving some error related to my id is not associated with required service contr...
Does anyone know if there are any functionality limitations on the lower-end FPR models like the fpr1010? I have a client that is looking to replace 5516's at their main site and DR site with fpr1140s. But it's occurred to us that since the DR is alm...
Good Evening... We are running ASA 5545X with 9.14(1) / 7.14(1). I am wondering if there is a CLI command to see the local password expiration in days?? Like showing the number of days left before the password expires. I understand in ASDM I can view...
Hello, I'm unable to clear health alert "Interface Status" in FMC ver 7.2.5 after enable a pair of subinterfaces in the FTD. The detail of error is: Interface 'Ethernet1/6.250' is not receiving any packetsInterface 'Ethernet1/6.250' has no linkInterf...
Hello,I have configured a switch on ios 17.12.4 with the following command 'crypto key generate rsa general-keys modulus 2048.' Upon entering this command the following was output in the console:crypto key generate rsa general-keys modulus 2048' is a...
How to interrupt command line output on ASA,I try to press "Ctrl + C" ,but no response .
Trying to deploy both Web-Cache and HTTPS 443 WCCP to an FTD. I can get the 443 tunnel up, but not the Web-Cache, the deploy fails.Lina messages FMC >> clear session FMC_SESSION_1 accessMain-3120-SFW >> info : WARNING: This might result in parallel a...
Resolved! Bidirectional ASA ACL to FTD ACP
One of the things discovered with the Migration tool is it assumes the Inbound for an interface is default and only recognizes outbound. I have 3 DMZ interfaces that I control traffic from servers inside the DMZ to have access to other interfaces an...
7.6.0 is listed as both affected and fixed. Please can this be confirmed which is correct?
Palo Alto has a function in their firewalls called policy optimizer that can identify applications seen in a port-based access rule and then convert those rules to application based. I have not seen anything equivalent in FTD, so what’s the best stra...
Hey guys. I posted a few months back about an FPR issue I was having. I had an inside interface 192.168.1.1 and my outside 100.1.1.1. No NAT. Not going out to the internet. I wasnt able to ping from outside in. So I made an acl:access-list OUT-IN ext...
