Dearsi have an 2 no's of physical FTD in HA and in multiple context that are splited as an internet firewall and DC Firewall, hence as i know it is not a good practice from the security perspective can i know the disadvantages for the same.Thanks
The Original Client IP column in event logs is empty. Our webservices are protected by our CDN reverse proxy. We are receiving traffic fine from the Proxy, but due to the nature of anycast, HTTPS requests appear to be arriving from regions we do not ...
We are currently refreshing our device from EOL cisco asa 5500 series to Cisco FTD running asa image . however we see no connections when cables are moved from EOL Cisco asa 5500 to Cisco FTD 1100 . Cisco FTD is running an ASA image with 19.6 x versi...
Hello, I am looking for advice on moving one H/A pair of FTD's from one virtual FMC to another virtual FMC. The customer I work for is dividing the company and the firewalls we want to move, will be managed by a separate team. At first we thoug...
Hi Experts, The ASA 5515 reloaded automatically and caused multiple route flaps. The customer is requesting a root-cause analysis of why the device rebooted automatically. Could you please to steps to find out the root cause. Version: Software V...
HIQuick qeryWe havea VPN across the Internet to a third party from our FTD, If I dont add a Nat excemption rule for the 172.16.x.x netwotk does the traffic get natted to the Outside Interface nativley.??Thanks
hi out thereI have just upgraded a couple of FP2110 running FTD from 6.6.x to 7.0.0 which has run fine in most places without any interruption and so on.But I had an annoying issue at one site - a factory with around 10.000 workers - where i ran the ...
Hello,we are going to buy cisco asa 5555x, cisco asa 5585x.We are planning to use them in our company as a VPN server to connect users by Cisco AnyConnect.As we can see asa 5555x can support up to 750 vpn connections and asa 5585x can support 5000 vp...
Hi guys I hope you can help, I've been spending weeks looking at this and pulling my hair out it seems to be fairly common issue with nobody really saying what they did to fix it.First of all I'm using a Meraki MX100 as the headend for the VPN Server...
Hi Cisco Community Currently I have deploy FTDv with FMCv. All seem good but when want to deploy changes in FMC it shows failed. It also show inspect interruption for interface policy and security engine. May I know where to check on this error?
Greetings Cisco Community, I am looking to automate the process of adding intrusion rules to a Firepower device (FMC version 6.2.0). I was hoping to be able to use the REST API for this purpose, but looking through the documentation, it's unclear to...
Hi All, Going to upgrade cisco asa 5516-x firepower module to version 9.16(x) and asdm 7.16(1.150). If i execute show version it shows only asa software image (asa982-38-lfbff-k8.SPA) and same in boot system file (boot system disk0:/asa982-38-lfbff-k...
HiI have 2 FTD's being managed by FMC. I wan my nms to show me the interface utilization of the ftds. In platform settings i added the snmp configs but in solarwinds nms when i add the device it fails the test.Need some guidance to achieve above.Rega...
Hi, I am replacing an standby ASA in a HA pair, and the guidelines I have recieved are to remove HA configuration on current active, and then configure HA again on the Primary unit. Refering to Cisco documentation on setting up HA, I am a bit confuse...
As rules below: 10 access-list 102 permit tcp any host 192.168.1.100 eq ftp 20 access-list 102 permit tcp any host 192.168.1.100 gt 1023 What is History, benefit, using gt and lt (line 20)?Is there meaning in ports sequence number?Regards.
