Hi All,I'm currently deploying a pair of FTD 3140s in active/standby HA. During testing when rebooting or powering off one of the FTDs, we are seeing about 15 seconds of downtime which is due to the default peer poll time of 1 second and peer hold ti...
Forum Posts
Resolved! Firepower 1120 HA active/active
Hi,I have to Firepower 1120, and I want to configure them as HA active/active.Is this posible?
Hi All,Hope everyone is doing great. I have upgraded my FTD Snort V2 to Snort V3 last weekend and it was successful but i ran into some roadblocks.Here are the list of problems encountered below:1) Error pops out that AMP cannot connect to cloud2) tr...
Hi,We recently staged our Firepower 2120 from ASA to FTD 7.4.2.2 and are managing them with FMC 7.4.2.2.The FMC shows the chassis serial numbers for all Firepower 1120 and 1150, but it does not do it for the Firepower 2120. On FTD via CL the serial i...
Hello, I'm going to upgrade my FMC from 7.0.7 to 7.4.2 directly without upgrading my FTD (7.0.7), I'm using Flexconfig configuration used for PBR. I read that starting from FMC 7.1 flexconfig configuration will be removed from FMC and it needs to be ...
When creating a third party SSL cert for VPN using FMC 7x do you use the Intermediate or Root certificate for the CA?Thanks, David
Resolved! fs-vmw-2-sw-k9 SKU migration
Hello Cisco Community, I would like to know if the existing FS-VMW-2-SW-K9 license available in a client's Smart Licensing portal can still be used to activate a new FMCv instance. Given that Cisco has announced the End-of-Life (EOL) for the FS-VMW-2...
Hello,I've successfully configured an external syslog server on FDM, and it's receiving messages correctly. I've set the Default Action Block to send syslog messages, and those are arriving as expected on the external server (among other messages).Ho...
Hi AllWe are looking at upgrading our ASA5545 to an FTD, what is the replacement model for this? I was thinking the 1150 model.When I look at the specs it says maximum vpn peers 800, does this mean anyconnect sessions and site to site ipsec etc?The 5...
Resolved! User privilege level with Radius
Hello all, Currently I have several switches (IOS and Nexus) which use RADIUS for login. The RADIUS server is a Windows server and uses Active Directory authentication. I would like to assign the active directory users different privilege levels on t...
I plan to migrate a FMC running in vsphere to AWS. Initially I plan to: 1. Build the FMC in AWS as brand new; 2. Backup the existing FMC (running v7 already) and then restore the backup in AWS FMC; 3. Login to AWS FMC serial console to change the MGM...
I have exported an ACP and it's objects from one FMC to another.Would like to clarify how the objects are imported into the new FMC. We will have had objects – both network and port objects – on the new FMC2600 with the same name as objects in the po...
Hello everyone, I'm planning to upgrade our Cisco ASAv from version **9.10(1)42** to **9.20(3)20** directly. Current environment:- **Platform**: Cisco ASAv (virtual appliance) Questions:1. Is a **direct upgrade** from 9.10 to 9.20 supported and sta...
Introduction Cisco Security Cloud Control Firewall Manager is a part of the Cisco Security Cloud Control platform where we can manage ASAs, FTDs, and many other Cisco security products. SCC Firewall manager does have some "nice to have" notifications...
Good afternoonWe downgraded our FTD's from 7.6.0 to 7.4.2.2 - due to instability, bugs and snort 3 issues. We factory reset the FTD's and rebuild it successfully. Configuration is the same as before. FMC is stable.FTD1 - we receive the following warn...
