Is it alright to put the IPS on both incoming and outgoing interface?i knew that we should put IPS on the incoming interface of gateway to protect our lan.But what if i want to prevent outside network from the attack perform by my asset in case of co...
Forum Posts
Hi, We have configured 2 Firepower 8350 (v5.4.0.7) with the same health policy, system policy, etc. In one of these if we go to "Connections events" we can se the events recevided, but not in the another one (its empty) On the another hand, we would ...
Resolved! is this flow impossible?
hi I want to connect to M1/1 through inside2 and inside. how can i make it? thank you best regards
Resolved! HA FTD 2110 SNMP
I have two FTD 2110 version 7.0.4 configured with HA. I have configured a policy in Devices>Platform settings targeting the HA pair, in order to poll snmp from their Management interface. But during the discovery of the Secondary/Standby device its n...
Hi I have been given a task to Install PKI Root / Issuing CA Cert Objects onto a new HA FMCv deployment. I have setup HA and preconfigured everything. I have been provided three certs one root and two .pfx files from the customer. labelled root.p7bfm...
Hello there, we have recently upgraded to Snort3 and have enabled portscan detection. I wanted to check what are the recommendations for whitelisting to reduce noise (considering the whitelisting options are very basic). Also how do you guys manage t...
Hello all,I hope all is well.I am working on a project in which I am configuring an ASA 5508-X firewall. I just wanted to gauge what peoples opinions on what is best practice.In terms of the outside interface on the firewall should I configure it wit...
Resolved! ASDM unable to login for v7.18(1)152
Brand new ASA, I had connected via ASDM. No updates to the ASA, though not aware of anything on the client side changing either. ASA is v9.18(2) with ASDM v7.18(1)152. On one desktop I had tried various versions of Java from 1.8 202 to now 1.8 411 an...
Hello, I have received an RMA for a failed ASA 5508, which was the primary unit in a multicontext configuration with SFR modules installed. Could you please provide the correct procedure for reinstalling this device in production? Additionally, if ...
I have configured below logging informational commands in my ASA but I am still not able to receive information logs from the firewall:logging enablelogging timestamp rfc5424logging standbylogging monitor informationallogging trap notificationsloggin...
HelloA few days ago we had a DDOS attack against our ASA 5545 firewall.Within a time window of about 15 minutes, almost 1,000,000 connections were established from slightly more than 10,000 Bot-Net IP addresses, which led to a high CPU load on the fi...
Good afternoon, Im currently trying to migrate a asa 5525 with a couple of vpns, subinterfaces, ACLs and nats using FTM to a FTD version 7.2 running on VMware. everything is being migrated as expected but im getting an error right before I "Validate"...
Resolved! ASA 5516X Memory (DRAM) Upgrade
We have an ASA 5516X with 8GB of DRAM, that we're looking to squeeze at least one more year of service out of. It's running FTD v7.0.6.1 and we're getting periodic warnings about Snort memory usage. (Right now it shows about 2.42 out of a max of ...
Hi All,I have question about Cisco FMC upgrade.In one client’s DC FMC 4700 installed and need to be upgraded to version 7.4.1, Currently it is running on 7.4.0.what could be the reason, do we need to change any config setting in FMC?Now the issue whi...
Hello,I am using a Synology unit behind a Cisco Firewall Device Manager and am trying to use a domain for external access. It keeps telling me I have to open port 80 for Lets Encrypt to verify my domain. I am not sure how to do this. Would it be done...
