I have a server that needs to access DMZ via ssh so it can be patched. I created an ACL in the inside zone to allow this server access all-dmz zone with any port and dest port ssh. This is now showing the drop below:Phase: 1Type: ACCESS-LISTSubtype...
Forum Posts
Hello, A few days ago we started to get reports from users from different countries not being able to login to our systems any more. In FMC I can see the IP addresses in the Security-Related Connection Events being IP blocked with the Security Intell...
HOW CAN MY IP BE SHOWED AS BELONGING TO deploy.static.akamaitechnologies.com IF I NEVER SUBSCRIBED THAT SITE AND IT IS NOT THE ONE MY SERVER PROVIDED?
Hello.I have an IOS Router with a single outbound link, terminating more than one IPSEC tunnel.I'd want some of the tunnels to be terminated on a loopback interface, and some other on the outside interface itselfCurrently, I have a single crypto map ...
Hi, Could you please guide how can I used wildcard in Web Filtering. Like I want to block the tiktok.com sites with a wild card.Currently, tiktok.com is blocked but tiktok.com/en is still open and I want to block him. Right now, I am using Ciscofirep...
Hi All, I got FTD HA pair managed by FMC in production environment. I took the backup of both firewalls via FMC. and also FMC backup. I need to replicate the same setup in my home lab where i have 2 FTD and 1 FMC. Just want to check the below is the ...
Hello, I have a device health warning in the notification of the FMC for a device that is not applicable now (Advised by TAC)Is there a way we can dismiss this please? thank you
Resolved! FMC->FDM migration
Hello, I have two Firepower 1010 appliances with FTD, one is brand new and the other one is already configured and managed by FMC. The new firewall should be managed localy with FDM and use the exact same configuration. I wonder if there's any way ...
Hi, Is it possible to block or lock any changes when an admin A is making changes, while an admin B wants to make changes also to that same part of the configuration?
Hi,I have a python script that loops through each access policy rules and attempt to disable the rules that match a certain condition. I have the loop and condition logic working but I am struggling with disabling a rule.Here is my python 3 disable r...
Hi to all, we have a working ISE environment with licensed TACACS services.User that access network devices are successfully authenticated as well as authorized. Tacacs live logs show correctly user being authenticated as well as being authorized.A...
Hi, the FTD software (6.2.3.10) on ASA 5506-X does not seem to support point-to-point (/31) ipv4 subnets. When trying to set my static /31 public ip on the outside interface in FDM the error message "You cannot assign a broadcast address as the IP ad...
Hello everybody,our customer performed a FMC upgrade from 7.0.5 to 7.0.6.Since that upgrade Office365 applikations Teams and SharePoint was not recognizedanymore and the traffic was blocket (see screen dump attached) on FTDs running rel. 7.0.5. All o...
Resolved! Continued failed deployment on FMC
I keep getting a failed deployment the only error I see is this.ET-DFW-FP-02 >> error :sysopt noproxyarp Vlan300^ERROR: % Invalid input detected at '^' marker.Config Error -- sysopt noproxyarp Vlan300It refers to a Flex Object that is not needed but ...
Hi Team,We are facing the issue between Ipsec tunnel between 2 sites, tunnels went down frequently everyday after 1-2 hours. Site A has : ASA5516 Site B has : FTD 1120.issue: both the phases shows down, once I regenerated the traffic from site B then...
