I have about 8 FTD's deployed port-channeled and trunked to a Catalyst 9200/9300 switch. All of the switch ports connected to the FTDs show a lot of discards. I honed in one of them to see if bandwidth was overutilized and found only 100Mb/s was us...
Forum Posts
Resolved! FMC update error
Im trying to migrate from Virtual FMC to Physical. I need to update the VDB on the virtual to match the Physical but when running download updates in the system>updates tab I get error: peer certificate cannot be authenticated with known CA certifica...
We have several remote sites connected to us via Layer 2 connections using several different providers. (EPL, ASEoD, wavelength) We'd like to encrypt the traffic on the /30 network between each site. What's the best way to do this? IPSec tunnels? ...
Hi there,Happy New Year to you all.We started receiving MAC level error notifications from AWS.We have a single fibre direct connect presented to a Cat9300 switch, this is split and connected to FTD-2140 active/standby HA pair.I don't see any errors ...
Hello,Id´like to configure IP SLA monitors SNMP trap with Zabbix server on FTD through FMC. So i would like to know when the IP SLA is down, but i can't find SNMP OID for this rule. As i research from internet i need RTTMON MIB but it is unaviable ne...
Hi all,we have a greenfield project in which ISE and FTD is part.what will be the outcome/output to integrate FMC and FTD with ISE?
Hi,We have recently updated our FMC to version 7.4.0 and can no longer search for multiple rules when we paste them into the search bar, before we would enter something like rule1;rule2;rule3 etc and it would display just those rules. So when we have...
I am trying to install the REST API "asa-restapi-7161-lfbff-k8.SPA" on a FP 2130 with 7.20.2 and I am receiving this error.rest-api image disk0:/asa-restapi-7161-lfbff-k8.SPA/bin/sh: /asa/scripts/install_iso.sh: No such file or directoryERROR: Faile...
Resolved! Question about FMC
Hello everybody. I have questions about FMC and FirePower can you help me if you know?1. What happens if i install FMC in my server as VM to configure my FirePower, and i reinstall FMC VM after server crashing? Configuration will be saved on FirePowe...
Resolved! View External IP's configured on ASA
Hello, How can I see the external IP's that are configured on an ASA via the CLI? Thanks,
I'm pretty sure this cannot be done, but need to confirm.I configured an ASA with 2 contexts, the customer expected that I could share the same IP address space outside for both contexts using the same physical interface. Wjen I configure the outside...
Resolved! ASA 5520 Connectivity to the internet
Good day all;I am trying to migrate from ATT to Comcast internet currently my Outside interface is 199.1.145.6 and the following settings s as follows:access-list acl-in extended permit ip any host 65.163.193.100global (outside) 1 65.163.193.100globa...
Can't seem to retrieve certificate from our internal RootCA. The device is a Catalyst 9300.Current configuration:crypto pki trustpoint ICERootCAenrollment mode raenrollment url //infr-svr-cert02:80/certsrv/mscep/mscep.dllrevocation-check crlauto-enro...
Resolved! ASA 5525 code from 9.14.4 to 9.12.4
Hi, We are running an HA pair with ASA 5525 using code 9.14.4, but there is a newer patch with the 9.12.4 code that I want to use instead. Has anyone gone through this upgrade before? Or are there specific considerations we need to be aware of? I've ...
We're running FTD 7.x on various FPR 2100 and 1100s. We have an asymmetric tunnel that we need to be able to sed pings through. TCP Bypass is working fine, but the ASP is dropping return echo-replies. Our understanding is that by disabling ICMP inspe...
