I opened a ticket with support and they stated to perform the steps below, but is it the best process? Should I remove the devices first from FMC, change the FMC IP address, then register the FTD devices again? Trying to minimize and configuration is...
Forum Posts
HiI’m migrating from a CBAC based basic firewall configuration on a 800 series router to an ISR, and am trying to get ZBFW working. I’m obviously doing something wrong because nothing works What I’m basically trying to achieve is to allow everyone o...
The enterprise needs anThe enterprise needs an IDS/IPS solution that will decrypt SSL/TLS encryption to inspect layer 7 signatures.Because the financial cost to buy an ASA for each of 15 branch locations is unappealing, it seems the best strategy is ...
Hello guys,so I have a problem. In company where I am working we have Cisco FTD 1010 with newest OS version 7.2.5 which are connected to FMC and any ssh login is with our domain accounts. We have saved loca users for emergency. And one of our FTD get...
I try to configure both anyconnect and clientless. Clientless works, but anyconnect's traffic dropped by acl-drop192.168.20.10 > 8.8.4.4 icmp: echo request Drop-reason: (acl-drop) Flow is denied by configured rule, Drop-location: frame 0x0000563f6f1b...
My WAN IP address is 72.X.X.X and the public IP addresses provided by the ISP is 200.X.X.X subnetMy secondary ISP WAN IP is 33.X.X.X and the public IP addresses are in the same subnetThere is a web server in the DMZ, which does not work when I set th...
Greetings,I am trying to communicate two IoT devices that use ModbusTCP to communicate through an ASA 5505.The topology is below. ** I must say that I am not an expert in firewalls and I have been educating myself reading the configuration guidelines...
Hi, Have created a local cli user in FTD 3120 after the user creation not able to login to FTD with user getting error "More than 32 CLI sessions are not allowed" Also while connecting to fxos from FTD with admin access getting error "More than 32 C...
Hi GuysI am looking at moving from our Cisco ASA 5515X which we use for remote access VPN with DAP policies etc.We need new hardware so looking at a Firepower 1000 series.I have a few questions.1.Should we stick with the ASA software on the new appli...
Resolved! No traffic from DMZ to LAN
Hello again,What worked in test environment failed in liveThe FTD is in production but I am unable to access LAN devices from the DMZ network. Can someone guide me in the right direction please, this is a bit urgent The DMZ interface is in switch mod...
I am trying to configure SNMP in firepower 1xxx series (1010) with FDM.Firmware is 7.3.1According to this similar guide, I enter some command.https://www.cisco.com/c/zh_tw/support/docs/ip/simple-network-management-protocol-snmp/213971-configure-snmp-...
I just completed 1600 FMC Migration and was wonderfing why I don't see the user configuration when just logging into the secondary FMC? Is it because it would need to be failed over to the secondary FMC in order for the cofiguration to be fully popu...
I am trying to configure the ASA to allow the External Network to access web service provided by DMZ web server which is on the DMZ network. Above is my network diagram.In My ASA configuration.route 0.0.0.0 0.0.0.0 next hop routerinterface e0/0nameif...
Hello,we are using a freeradius server for authenticating at our ASAs. Now we introduced a user who should be limited in his abilites; so we defined a privilege level (14) for this user to limit this account to certain commands.This now works for an ...
Hello,My topology is roughly:[PC]---<R1>---<ASA>----<R2>The port forwarding functionality I want to achieve is:From my pc @192.168.1.15: ssh 192.168.1.6:2222 =>(redirect) 203.0.113.2:2222 =>(redirect) 172.16.0.2:22I am trying to ssh from my PC connec...
