Network Security

Enabling DHCP relay information

How do we enable “dhcprelay information trust-all” in a Firepower 1120 running version 7.2.0.1? DHCP snooping is activated in LAN, and the firewall is acting as ip helper/dhcp relay. The firewall is dropping dhcp packets because we haven’t been able ...

MACSEC PSK Verification

We will be adding new keys to our existing macsec key chain such that the new key will have a lifetime that is immediately available and expires in 15 months. I wonder how often nodes with macsec look at the keys, or reverify them, such that I can mo...

Resolved! ASA Multi Context

HIHi have copy run tftp: from our Server context not system context, is it possible to copy file back from tftp if I want to configure a replacement firewall? this would save me from coping and pasting all lines into Server context and save lots of t...

Resolved! Timezone information is not tranfered correctly to FDM 2140

Hi to all,recently purchased a 2140 and begun to set it up.One problem i am facing is with NTP.Although i have configured through FMC the timezone , when i issue the command show ntp in the ftd is shows me two clocks, one is utc and the other one the...

FMC managed FPR 4112 and adding sub-interfaces with 'Management Only'?

We have a customer with an on-premise FMC appliance running 7.0.5. It is managing several HA pairs of FPR 4112 and 4115 FTDs. We have a requirement to add an additional sub-interface to an FTD that is a 'Management Only' interface. In the lab I hav...

Resolved! Running bash script on FTD

Can you run scripts (no config changes just collecting configs, parameters, etc.) via expert mode on the FTD? Would you upload the file to root?

Resolved! Devices in Security Zones reach the GW but cant reach 8.8.8.8?

Hello GuysI made this Lab in EVE-NG to prepare myself for my CCNP Security examEverything work fine, I configure the FTD through FMC, I gave IPs for outside & inside interfacesalso, I have configured NAT, Static route and Allow Policy to outside inte...

Resolved! Cannot open RDP port on FPR1120 from FDM

Dear Community, My client wants to open remote desktop port 3389 on the fpr1120. I created static nat with port forward from outside to inside to forward incoming request on port 1616 to ip 192.168.**.** on port 3389 windows RDP and an acl to allow t...

How IPSec VPN works

Commands Used for IPSec VPN :crypto ikev1 policy 1authentication pre-shareencryption aes-256hash shagroup 2lifetime 86400tunnel-group 2.1.1.2 ipsec-attributesikev1 pre-shared-key *****crypto ipsec ikev1 transform-set TSet-1 esp-aes-256 esp-sha-hmac--...

RealTime logging not displaying correct result

ASDM Version 7.1.2Trying to see log of a blocked packet. testing use port 22,23,3389. using putty on those ports.ASDM logging debugno access rules to allow anything.access rule to deny from any to any logging debugports 22,23 show as denied (severi...

stop balloon popups

Is there an easy way to stop balloon messages from appearing on the agent? I know you can manually right click on the icon, Just wondered if theres a policy you can create or setting you can change on the agent kit.Thanks

Swapping licences when upgrading ASAv

Hi,Does Anyconnect licenses can be preserved and swaped when upgrading from ASAv10 to ASAv30 ?Thanks in advance.

Resolved! Run fx-os commands while in expert mode, Firepower 4100?

Hello to anyone who stumbles across this post, and thanks for any insight in advance. I was wondering if there was anyway to run default fx-os commands (like show version, show blocks, show cpu, show memory, show snort statistics) while in expert mod...

Resolved! Cisco FMC & WinSCP

I have connected WinSCP in a previous version of firepower. The version 6.6.1 I am trying to connnect to using WinSCP says i'm authenticating but it won't connect. Is anyone using WinSCP anymore or is there something better that can be used???

FMC Upgrade 6.6.5 to 7.0.4 - stopped at 39

I performed the FMC upgrade from version 6.6.5 to 7.0.4 and for 4 days it is still stuck at 39%. Has anyone had the same problem and would know how to go back to version 6.6.5 or complete the upgrade? Current Version: 6.6.5Upgrade Version: 7.0.4Elaps...

Network Security

Forum Posts

Enabling DHCP relay information

MACSEC PSK Verification

Resolved! ASA Multi Context

Resolved! Timezone information is not tranfered correctly to FDM 2140

FMC managed FPR 4112 and adding sub-interfaces with 'Management Only'?

Resolved! Running bash script on FTD

Resolved! Devices in Security Zones reach the GW but cant reach 8.8.8.8?

Resolved! Cannot open RDP port on FPR1120 from FDM

How IPSec VPN works

RealTime logging not displaying correct result

stop balloon popups

Swapping licences when upgrading ASAv

Resolved! Run fx-os commands while in expert mode, Firepower 4100?

Resolved! Cisco FMC & WinSCP

FMC Upgrade 6.6.5 to 7.0.4 - stopped at 39

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FMC - Failed to install rule update: Another Rule Update running

Hello, I have 3 questions about the FMC CLI, OCSCP and multiple certs

after FTD upgrade from 7.2.5.2 to 7.2.9 all snorts cpu are almost 100%

Hybrid Exchange/ SSL Decryption Error

FMC Unable to Join CSSM On-Prem

Cisco ASA RADIUS for SSH and LOCAL for Serial

9200和9300，通過管理口進行tacacs認證失敗，找不到原因

ASA Static Routing same IP with different subnet masks

General steps to migrade to a new Cisco Firepower hardware model

GeoLocation IP Package Download In 7.4.2 FMC