Hi, I am planing to implement a NGFW (FPR1010E) in network. Will use it as gateway. All lan to wan traffic will be inspected. My query is if total wan bandwidth is 350Mbps and if i allow all inspection (lan to wan) will it be okay. Is 1010E can handl...
Hi!Can I reimage an Cisco Firepower 1010 with an ASA .bin image (like asa916-1-smp-k8.bin) or it would only work with an .SPA package?
Hello, I have a customer with remote offices spread around the world. We have a project where we going to exchange the ASA's with Firepower 1010's running FTD software and are managed by FMC. The peoples working in those remote offices are not techni...
I am trying to configure the ASA to allow the Internal Network to access web service provided by DMZ web server which is on the DMZ network. Above is my network diagram.In My ASA configuration. interface e0/0nameif insidesecurity-level 100192.168.20....
Hi Everyone, Customer is enabling EDNS which uses > 512B packets. This is then dropped by the inspection policy pasted at the bottom. What would be the best way to bypass this inspection? 1. disabling 'inspect dns' via flexconfig - that is somethin...
I would like to setup sort of a single source of truth for time on the network. Our WatchGuard box at HQ already has pool.ntp configured on it and our servers are then getting NTP data from the WatchGuard. I'd like to also have the ASA 5525, who is...
Hello Everyone,We are implementing the 802.1x authentification in our network and everything works quiet well with CIsco phones. The challenge we have is with NO Cisco devices . Please find below the list of devices we have in our organizatiion. Télé...
Hello.My task is to investigate IDS/IPS solutions for my enterprise.QUESTIONS:1. ASA "Firepower" technology-- can this solution be implemented with only one ASA running Firerpower, or is an additional server needed?2. This solution requires Firepower...
With Prefilter Fastpath, traffic bypasses inspection and is basically fastpathed out of the ftd device into what you may call a "toll bypass' hardware lane of some sort.With Prefilter Analyze the traffic does not bypass inspection....the question is ...
Is there any way that Snort can still block or drop a packet/traffic even if i already added a prefilter policy that sets as any any network and with fastpath? Also i have disabled all my access control policy except for default ACP that is set to "T...
We use the Cisco Firewall Migration Tool 5.01 on a MS Windows Server and cannot start the the tool. Error message: [INFO | cco_login.py] > EULA check for an user DEBUG | common.py] > session table records count:1[INFO | common.py] > Telemetry push : ...
HiI have a Cisco ASA 5506-X version 9.9(2)85, perpetual basic license with two WAN links - Primary (PPPoE to VDSL bridge) and Secondary (4G LTE modem/bridge).Although the 4G LTE modem/bridge is a L2 device, it has a mangement IP address which is reac...
Hi Cisco Community Right now we have an issue to migrate routing from Sonicwall to Cisco FMC VM as we found out that sonicwall can configure different Interface in one routing policy as per below. DMZ use X1 interface IP but gateway use X4 interface...
How to download all hashes stored on firepower management ?
Hello,Can't create NAT to inside from outside(pppoe) cause acl-drop in packet-tracernat (outside,inside) source static any any destination static interface TAAAS unidirectionalinterface GigabitEthernet1/1nameif outsidesecurity-level 0pppoe client vpd...
