Hi,I have two FTD's in HA managed by FMC. When i run a trace using same criteria on both the FTDS from FMC ui, i get differnt results on the primary active and secondary standby. sample traces are given below. Is it normal that only the primary acti...
Hi Everyone,I have 4 ISP's connected to my FTD 7.0.5 device ASA5508X with FMC 7.3.0. Now i have configured the 3 ISP's to route for our internal network and created a flexconfig for it then the other 1 ISP has been routed to my DMZ network and create...
Hi,I have recently installed ASAv from Azure marketplace for the first time and am experiencing issues related to a potential bug in software version 9.17.1.I need to downgrade to a previous known working version but cannot find any documents/guides ...
ise tacacs accounting logs no network-device comand history .How to achieve this requirement?
Hi, I'm telling you about my mistake, I have a Firepower 1010 firewall and I wanted to update the rules and analysis systems that the firewall brings, but it throws me the following error when updating any of the features that the firewall brings:"Pe...
Hi Team,What is the best way to give access to specific applications such as Webex, Zoom, Office365 anything for that matter.Regards,Sanjay S
Hello,I have a site A connecting to 2 sites, HQ and site B, over site-to-site VPN. On site A, the interesting traffic ACL for HQ has a 192.168.0.0/16. Also, it has another interesting traffic ACL for site B, which has a 192.168.150.0/24 subnet. This ...
What is the advantage of enabling sqlnet inspection and what is the down side of disabling sqlnet inspection "no inspection sqlnet"?I know very well the pro and con of enabling ftp inspection and disabling of ftp inspection but for the past five year...
We have a firepower 2140 as our perimeter firewall and is running ASA software. We are noticing the ASP-DROP counters increase at a very rapid rate. I did a "clear traffic" wait 1 minute "show traffic" and we saw we are dropping 12600 packets/s on th...
Hello everybody,our customer has many ASAs that wan not upgraded for a longer time.I want to upgrade them from rel. 9.8 to 9.12 in the first step.Is there a tool that checks the configuration (attached) if it is compatible with the new OS release or ...
I am trying to set up an SNMP poller to monitor both devices within a primary/standby pair. The poller can successfully access the primary device/contexts , however it does not seem able to access the secondary devices.The 2130 Firepower pair is run...
Hello, We have a Virtual FMC with a 10 devices license and we currently manage 6 FTD devices (3 failover pairs) We are now thinking about deploy a second virtual FMC and move 2 devices over to the second FMC. Will I need an additional licens for this...
Dear Community,We are using ISE 3.XX which integrated with AD. After login to ISE web portal ( GUI ) login AD credentials + DUO.Kindly help to recommend any required information / document support / guideline to achieve it.Does DUO can configure both...
Has anyone else seen an excessive amount of ESP probes being sent to every public IP address . Makes me think there's a new exploit out. Check logs on the routers. Haven't ever in past 20 years seen this much probing using ESP packets. Just a head...
Hello, When trying to create a subdomain in FMC, I receive the following error I guess I get this error because some of the L2L tunnels are managed by the same FMC. So what would be the best way to work around this issue? Should I delete the L2L ...
