I have a bunch of S2S VPN's terminating to an edge ASA firewall.I'd like to add a new ASA/FTD appliance inside our network for the VPN's to terminate to. We have dual WAN circuits so if a specific circuit drops currently we lose the VPN connections u...
Forum Posts
Hello - I have FTD 1010 managed locally. I would like to connect it to CDO, the base license is already active for the FTD (attached). I'm not sure if I need any other license to manage the device from a cloud (CDO).
Hi Everyone, im having an issue where i am unable to download the pkg file for re-imaging my ASA to the unit. I am trying to flash a clean, fresh copy of 6.4.0 FTD firmware to this unit as a POC for upgrading a HA cluster of these units. Running the ...
Resolved! FTD management with both FMC and CDO
I have an on-prem FMC that manages a handful of FTD devices. All of these devices use private IPs and are not NATed or exposed to the Internet in any way. The problem is some of the FTD devices are reachable only via IPSec VPN which sometimes gives...
Resolved! Cisco ISE
What is SGT in Cisco-ISE ?
Resolved! HA or clustering Firepower 4115
Hello, after deploying a couple of firepower of 4100 family, we configured the FXOS in cluster, apparently there is not differentiation on between cluster and HA (unless I missed something). So far so good, the problems comes when from FMC I want to ...
Resolved! NGFW 1140 configuration question
We have migrated from a AS 5516 to a NGFW 1140. Everything seems to be working great so far. What I was wondering is we have site-to-site tunnels configured and it appears the normal internet traffic is also trying to go through the tunnel. How can w...
Hello AllI am working on a LAB/Pilot to Create a Ipsec tunnel to vendor over bgp using the Tunnel1 connection. I have create the tunnel and have the IPsec up and working. Examples are connection to Cloud connection but I want to hid my internal IP ...
Hello,Where can I find out how specifically the Cisco Secure Firewall/ Firepower engine detects specific applications in network traffic.I understand they are applications which are detected in different ways, one way for example ASCII patterns in th...
Hello,I have been stuck for several days on an ISE authentication problem with SAML.Microsoft authentication works fine then the ISE redirects to google.com and it fails to change the authorization profile. As he does not have Internet access with th...
Hi all,I would like to ask how could I classify hosts automatically on StealthWatch 7.4.2 with domain datastore datastore.I tried the application hosts classifier, but the problem its not suitable for datastore. So, It did nothing.Do you have any sug...
i have 4 ASAv(ASA1v ASA11v ASA2v ASA22v). When I downloaded and installed ASDM from ASA1v, ASDM did not run automatically and there was no icon on desktop & window menu, but was able to uninstall in Control Panel. When I downloaded and installed ASDM...
Does anyone know where to find Cisco Secure Workload (Tetration) Training?? Is this product being abandoned?
Hi GuysI am completely new to Cisco Firepower and ISE. I am trying to assist a client with moving from DUO MFA to Azure MFA on Cisco VPN. The customer uses both Cisco Firepower and ISE in the environment.The question are:1) Can users be moved to Azur...
Hi All,We are migrating from ASA to FTD and planning to use migration tool, I came through that in 7.2 version of FMC and FTD even VPN(both site to site and AnyConnect VPN) configs will be auto-converted too. I am mostly concerned from ssl certifica...
