Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...
Forum Posts
Hi All,I am facing an issue which I am not able to trace the destination ip and port of the whatsapp application in order to open it on the firewall?any advise ?Thanks
Resolved! Old NAT ASA Config Question
Hello Network Gurus,Just trying to figure out what is this NAT config for?global (outside) 1 interfacenat (inside) 1 0.0.0.0 0.0.0.0static (inside,outside) 10.17.1.5 10.17.1.5 netmask 255.255.255.255Saw this access list command as well:access-group O...
I'm trying to set up a transparent mode FTD on the FMC to allow L2 multicast IEC61850 goose packets with a VLAN tag to pass between inside and outside sub-interfaces.1. I created a BVI to bind inside and outside sub-interfaces but have no IP address....
we have three pairs of FTD 4100 series managed by an FMC 1600, yesterday we got an error on one of the FTD that says: Policy "policy name" has been altered since "timestamp". Retry deployment we didn't deployed anything on this particular device. D...
Resolved! FMCv300 Resources
Hello community,currently we have started with implementation of FMCv in our network.Since we need to manage more than 25 senors I suppose there is no other option than to go to FMCv300.My question is, is it possible to modify/ downsize resources req...
Hi All,I have a cisco FPR 2130 i have connected eth1/13 and eth1/14 with 10G LR SFPs with a device called IXIA its a point to point connectivity. On IXIA i have an SFP called (Ixia, QSFP+ 40GBASE-PLR4 40GE pluggable optical transceiver, SMF (singlemo...
Hello. I've been working with the Cisco API interacting with different FMCs for a while, and I notice that every physical device has the same domain UUID, which is "e276abec-e0f2-11e3-8169-6d9ed49b625f".In my side of the API programming I considered ...
I'm having issues with my networks not being able to resolve websites. I'm trying to configure DNS servers on internal segments without putting them on the public network. So basically, port forwarding ideally, I would like to have one DNS server in ...
Dears, I have three questions, Please answer Please find the attached error. whenever i navigate to edit the ACP , i get a pop-up as per the attached , also when i save after doing any changes i get an a attached pop-up error, hence it is a bug ...
Resolved! Cannot ping across Cisco Firewall 2110
I have a bit of a unique situation which I am struggling with. The topology is a bit weird so let me explain the end goal. We want to physically separate the two sides of this network into two autonomous networks with each side having their own firew...
Hello,I have a site to site vpn that works just fine, however when I tried to NAT traffic from my INTERNAL network with a pool NATPOOL over that vpn tunnel, the traffic simply doesn't work, what I tried is to implement the following nat rule but stil...
Resolved! Edit CSM_FW_ACL_ on Cisco FTD2100?
I can't find anywhere on the FMC on how to update this. Can't find any documentation either.
Is there a way to limit the amount of SSH sessions to the FTD CLI?
Hi,The result I am trying to achieve is blocking the ICMP traffic from 192.168.100.101 pc (inside traffic) to 192.168.101.00/24 (outside) trafic.I've configured an ACL, but for some reason the ICMP still travel through ASA:access-list outside line 1 ...
I noticed one of the policies on the FMC is out of date i.e not updated/deployed on the Firewall.I am not aware what changes were done on the policy and I want to avoid going through each and every rule to find that out.Is there way I can rollback ch...
