I am planning to upgrade FTD 7.0 w/ FlexConfig on:ECMP Zone (1 outside interface and 2 inside interfaces)EIGRP configurationtowards FTD 7.4I understand that the FlexConfig on ECMP zone and EIGRP are not supported but must use GUI to config / re-confi...
Forum Posts
Hi, When users are trying to get connected to VPN from Remote machines. They are getting below Err. Some one could help me in fixing this issue by command line. "VPN Establishment capability from a Remote Desktop is disabled. A VPN Connection will...
Hi All, I need your assistance and guidance regarding suspicious traffic attempting to access our Nginx application servers. I've observed the following in our server logs: A seemingly suspicious request was made to an application. Please check the l...
Hi Everyone,I want to know how can I download Key from ASA Firewalls. In ASDM while generating CSR, i have generated a key with name "ASDM_TrustPoint15". how can I download only this key, not the CSR.Thanks,Swathi
Issue Summary:Our FMC is running on version 7.2.9 (build 44). The Threat license is out of compliance, but we should still be able to update manual feeds. However, we are facing issues when updating Security Intelligence (SI) feeds manually.Observed ...
hiwe are having a PIX Firewall with the specifications as mentioned below .I want to know if the RAM for this hardware model can be upgraded (i.e can additional RAM be appended in the same hardware box) or not ?Platform : PIX-515E , Version : 6.3(...
Have an FTD (v7.4.2.2) configured and shipped onsite. Now that it is racked onsite, I can't log in via https, only ssh. When I try to bring up the webpage in Edge, I get a connection timeout. When I do a test-net on port 443, the port shows open. Man...
Resolved! newbie question FPR 1010 FTD
Newbie question trying to learn more on FPR setup.I have a setup looking like thisISP -> FPR 1010 FTD (192.168.10.1) -> UDM PRO gateway (10.90.22.1) -> Unifi switchWhen i turn on my NAT rule on my UDM for my Vlan 22 (10.90.22.0/24) im no longer able ...
Hello,I need to remove a sub-interface and I need to add a sub-interface.I'm unable to do either. If I try to delete one of the sub-interfaces I find that there's no provision for it (no trash can icon). I'm unable to toggle the interfaces in Edit mo...
Hello, I have two routers 1121X and 4221, and when i tried the penetration testing, i got the result below:# algorithm recommendations (for Cisco IOS/PIX sshd 1.25)(rec) -diffie-hellman-group-exchange-shal kex algorithm to remove(rec) -diffie-hell...
I have an ASA pair configured for active/standby failover. However they don't seem to be generating syslog events related to failover status. Do I need some specific configuration for this? Are some contexts simply unable to log these events?Conte...
Resolved! Disable SSH Algorithms on CISCO Switches
Our CISCO 9300 Catalyst switch has a weak SSH algorithms like KEX and MAC ciphers. Specifically the ones listed below and replace them with non-deprecated algorithms. The instructions I have found have been misleading and commands are inaccurate. Any...
I am going through and doing some file maintenance/cleanup on our FTDs, and I have two directories that seem to have the same contents. I'm not sure if I need both, but all of my FTDs seem to be maintaining both sets of files:ls -la /ngfw/var/sf/upd...
Hi Community! I stumbled across a weird one I am still diagnosing with TAC, still TBD if we are hitting a bug, but during my research on this I stumbled across a interesting topic. LINA and SNORT both manage there own session tracking...
Resolved! Session TImeout in Firepower
I am using Cisco Firepower with FTD 1010 Version 7.0.5, I want to implement web session timeout and ssh timeout, I just seeking help in configuring through flex connet or any other?
