Ok, Going to ask a simple one here. Hopefully someone can help me out.FTD 1140n managed by FMCv. Both running 7.0.4. Setting up my first rule that looks to block IPS and malware from getting to my inside interface connected subnets. Everything looks ...
Forum Posts
Hi all, I have a bunch of newer (4-5 month old) Cisco FPR-1010 devices. I have the outside interface plugged into a broadband modem with static IP. Sometimes the ISP has issues (Internet goes down intermittently) When it eventually comes up the outsi...
I created a second admin account on my FMC 7.1 but it only works with the GUI. When I try to use the console I get "login incorrect" and when I try SSH I get "access denied". Any ideas? TIA,Diego
Hi,We have an ASA configured as shown in the attached PDF w/topology included. We are using an Exchange email server. We can receive emails, however, outgoing emails seem to just go nowhere. All other traffic seems to pass without issue. What am I mi...
Hallo,we're setting FPR with ASA Image for VPN remote access. The users will get private IP addresses that are routed in the local LAN, so no NAT in between. As far as I understand now, these IPs are reachable from anywhere in the LAN. How would I se...
I have got another problem I am trying to solve... When I use this URL to get the access rules for a policy, it gets the rules for its parent as well... “/api/fmc_config/v1/domain/{domain_id}/policy/accesspolicies/{accesspolicy_id}/accessrules?limit=...
Hi I have read a statement same-security-traffic is not applicable on FTD. Traffic between FTD interfaces (inter) and hairpinning (intra) is allowed by default, so i thought multiple interface in same security zone in FTD by default allow Communicati...
Hi,I have to replace a Cisco Firepower Management Center 2000 with a FMC 1600. Cisco does not support this migration path. The FMC is standalone, managing 2 FTDs in HA. Current software version is 6.4.0.14. What would be the best way of the replaceme...
Hi team,I am using the API to create an access policy with the following URL with the POST action. {{protocol}}://{{hostname}}/api/fmc_config/v1/domain/{{domain_id}}/policy/accesspolicies The data (body in the POST) is like this. The prefilter poli...
Hello everyoneIP have a problem - my FXOS control drops intermittently (see the screens)Only power-off and on helps but not so long, for about 3 monthsI thought there is a bug https://bst.cisco.com/bugsearch/bug/CSCvi87019, but FXOS ver. is 2.8(1.105...
Hello.On an ASA 1120, what is the result of placing on the outside interface, an ACL with a single entry "permit IP any any"?Thank you.
Hi all, I've been playing around with the REST API for FMC today, as I need to test migration from our current ASA Platform. Ideally I'd like to use the API to bulk create subinterfaces, to save me doing it in the GIU (and to ease deployment time). I...
Would this be a legitimate Nat statement on the ASA if I have a router in parallel with the ASA on the same inside subnet? (router also has an IP from "outside" subnet). It is in parallel to take VPN load off ASA.nat (inside,inside) 1 source static i...
TAC has said that this is a bug in version 6.7 and an update is required. This behavior shown is a cosmetic error and has no real impact on your devices. It happens because of depricated features on version 6.7 This is described on the bug: https://b...
Hi,Since 2019 we are using ASA running on Firepower2120. We started with ASA 9.10.x through 9.12.x, 9.14.x and yesterday upgraded to 9.16.3.23.We have four Firepower2120 devices, and two of them are running in multicontext active/active HA mode with ...
