Network Security

Firewall Migration Tool v7.0.0.1 now live!

Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...

ASR 903 - IOS XE Software, Version 03.13.01.S - mpls-tp

Looking for example of working mpls-tp configs for ASR 903. 1) using "unnumbered" interface 2) numbered ip interface 3) epipe 4) vpls =============================================================== Following the Cisco ASR 903 documentation I am unabl...

Resolved! Tracking remote logon access to my 3750 switch

I need to know if someone logged into my switch without my knowledge. Is this information in default logs?

FirePOWER SSP 40

We have bought ASA 5585-X with one SSP 40 on slot one "ASA5585-S40-K9" and now we want to add FirePOWER capability to this device. As I checked it seems there's FirePOWER SSP 40 card which we can buy and install on the slot1 and now I just need the c...

Cisco ASA-5585x [SSP 40 vs. IPS SSP 40]

Dear All, We've bought "ASA5585-S40-K9" and "ASA-SSP-40-K8=" which we end up with one ASA 5585-X chassis and with two SSP-40 card installed in both slots and now customer security team request has been changed and they are asking for IPS functionalit...

Resolved! Cisco ASA 5506 upload firmware issue

Hello all; ASA noob here. As subject says; I have a 5506-X running ASA 9.4.1 (3) and ASDM 7.5.2 I cannot upload a new version of the firmware, or downgrade to an older version. Any attempt that I make, no matter how (via TFTP, ASDM Gui updater, ma...

ERROR COPYING DISK0: no space left on device

Hello, i am trying to copy the Anyconnect packages to our ASA and getting the below error. %Error copying disk0:/anyconnect-macosx-i386-4.2.01022-k9.pkg (No space left on device) show disk0: output shows that there's 98 mb free on the device. show...

Resolved! ASA 5505 Anyconnect no return traffic/can't ping anything beyond firewall

Hi All,I have a bit of a problem with my any connect setup (probably NAT exempt) I can setup a any connect connection without issue but i am unable to reach anything beyond the firewall. It seems i have no return traffic.If i log in to the firewall i...

Resolved! NAT Exemption And Identity NAT

Can any pleas tell me what is difference between NAT Exemption and Identity nat,

ASA 5512 Nat control

I have ASA 5512 with version 9.4(ASDM version 7.4). ASA is connected to load balancer (Ascenlink). I read than we can disable nat control after version 8.3.i looked inside configuration and ASDM, i didn't found no nat control.how can i do that. I wan...

Migrate VPN pix configuration to ASA 9.X configuration

Hello ALL, I want to migrate this PIX configuration to my new ASA configuration. Any help to translate this ? crypto ipsec transform-set myset esp-aes-256 esp-md5-hmaccrypto ipsec transform-set strong-des esp-3des esp-sha-hmaccrypto dynamic-map ci...

ASA stay in boot loop and generates error "ERROR: FIPS Self-Test failure, fipsPostRsaKat [0:1:-1:-1:0]" using asa931-smp-k8.bin

Hello Cisco Security Team, My Name is Moustapha I am Network Admin in Small Company and i am using Cisco ASA 5515-x i want to add a new I/O Slot ASA-IC-6GE-SFP-A MODULE or 6 extra interfaces and when i fix the module properly and i restart the ASA ...

ASA 5516 No Internal Network Access

Good morning, I have 2 5516-x's in place at one of our remote locations, site C. This site is a failover site. Well, not at the moment because the site to site tunnels do not allow internal network access. Both site A and site B connect to site C...

Resolved! ASA 5506 Sourcefire module stuck in Recovery

I executed these steps:debug module-boot sw-module module sfr recover configure image disk0:/file_pathciscoasa# sw-module module sfr recover bootThe debug says it is complete, however it never gets past recover mode. Here is the debug: ASA-FP# sw-mo...

Contextual Awareness with AD on v6.0.0

Good Day All! I have customer very keen to fix the whole issue with version 6.0.0 release in their environment as of currently they just migrated their network and security devices to Cisco. However we ran into some issues with their AD on version 5....

Resolved! SFR sensor registration with FireSight over VPN - Not Working

Hello security experts, I have an ASA5515-X with SFR 5.4.0 installed and manage it with FireSight 5.4 installed on VM on LAN and I can register the sensor without any issues but when I try to register the sensor to FireSight over VPN I cannot do it. ...

Network Security

Forum Posts

Firewall Migration Tool v7.0.0.1 now live!

ASR 903 - IOS XE Software, Version 03.13.01.S - mpls-tp

Resolved! Tracking remote logon access to my 3750 switch

FirePOWER SSP 40

Cisco ASA-5585x [SSP 40 vs. IPS SSP 40]

Resolved! Cisco ASA 5506 upload firmware issue

ERROR COPYING DISK0: no space left on device

Resolved! ASA 5505 Anyconnect no return traffic/can't ping anything beyond firewall

Resolved! NAT Exemption And Identity NAT

ASA 5512 Nat control

Migrate VPN pix configuration to ASA 9.X configuration

ASA stay in boot loop and generates error "ERROR: FIPS Self-Test failure, fipsPostRsaKat [0:1:-1:-1:0]" using asa931-smp-k8.bin

ASA 5516 No Internal Network Access

Resolved! ASA 5506 Sourcefire module stuck in Recovery

Contextual Awareness with AD on v6.0.0

Resolved! SFR sensor registration with FireSight over VPN - Not Working

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Problem with ssl decrypt-resign on Cisco Sefure Firewall

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

Cisco FTD workaround for SSE connector failure stumbled on rights priv

Assigning an EtherChannel Subinterface to an Instance via FMC API

EU compliance certificate Firepower 1010 NGFW

Firepower 1010 readiness check stuck at "Please Wait"

OpenSSH regreSSHion vulnerability in FMC

Hyper-V VHD image for FMC virtual

Cisco Packet Tracer ASA 5506 Prevents Access to DMZ Servers