Hello Team,Is it possible to filter VPN remote access with mac-addresses as a second layer factor security in addition to username/password on FMC?If yes, any ideas to approach this?Thanks.
Forum Posts
Resolved! FTD Module FPR9K-SM-56 Faulty DIMM / RAM
We are having a Faulty SM-56 (in a Firepower 9300)slot/1/fault/F1546Description:Security Module 1 is in failed state. Error: Security module is downgraded (or) not acknowledged. Reason: DIMM or CPU degradedWe even know which DIMM is bad: Memory Array...
Hello, I have built an IPSEC site to site VPN tunnel from one of our Cisco ASA to Fortigate firewall. The tunnel is up and running and traffic is passing though the tunnel as expected. Now I have a requirement to track the tunnel status via SLA monit...
I'm working on setting up a pair of FTDs to replace existing ASAs. FTDs and FMC are running 7.2.5. The ASAs have the following timers configured for OSPF: router ospf 1 timers pacing flood 5 timers pacing retransmission 60 timers throttle spf 10 1...
Hey everyone! I have a weird situation going on with my failover and I just wanted to make sure the best practice for the HA Pair of a FTD. I have two outside interfaces with the same IP and I think when they have the same IP it broke the HA pair. Q...
Firepower 1010 (ASA-Image): ASDM does not work anymore after upgrade Hello everybody, I upgraded the Firepower 1010 (ASA-Image) from 9.14(4) auf 9.18(3)56using the ASDM and the upgrade worked without issues. Directly after the upgrade I still could o...
Hi,We used the migration tool to move from ASA5525s to FPR3110s and the tool appended "no-lookup" to most of the rules but not all. If anyone knows what this designation implies, as well as it's absence, I would greatly appreciate knowing. Thanks.
Hi,I am trying to create a VLAN containing our Guest Wifi network - and only that.The device with mac 0000.1111.2222 is the access point.So far I have:vlan 56 name guest-wifiNext I want to configure an interface. At the moment, it is configured to Gi...
Hello folks, What are the best practices to fix local subnet (RFC 1918) URLs that get classified as uncategorized. Is there a better way than adding them to a URL list as a feed or as a URL group. The exercise being that I want to identify them a...
Hi all,I need some assistance with ALC'sSo my goal is to have an ACL that blocks access to the switches web gui BUT allows an ISE URL redirection for our guest users.In order for the redirect we need to have the http and http secure-server active,Thi...
Resolved! FMC protocol (n)
Hi. Can anyone tell me what the number in brackets in FMC policy editor means in the protocol drop down field? thanks
i have Cisco ASA5516-X Threat Defense with ios version (75) Version 6.2.3.17 (Build 30) and i intended to upgrade to 7.0.1 but i have to go 1st through 6.4.0 so i upgraded the ASA to isco ASA5516-X Threat Defense (75) Version 6.4.0 (Build 102) then t...
Hi All,I'm getting "packet 1420 bytes greater than effective mtu 1398" PFA, when trying to send an SMTP traffic via IPSEC VPN, Could someone please advice on this?Device: CISCO ASA 5525
i want configure Ether channel in FPR1140 and this FTD manage by FDM so it is possible
Hi Team, Kindly need your suggestion/help if anyone experienced like this In my office, we've FMCv and Manage 2 Appliance Firepower 1120 with HA configuration But, last week, Our HDD server (that hosting FMCv), is corrupt Fortunately, there's no imp...
