I am testing new FTD1150's. There are no connections or traffic flowing through. But Snort is causing lots of high CPU usage alerts in FMC. TAC is saying to revert to Snort 2 and not use 3. This cannot be a real solution, can it?
Forum Posts
Hi TeamWhere can i get my hands on a FTDv demo license
Good morningHave this warning when deploying, but could not find where are the NatRules (1-15), have only 8 NAT RulesWarning: [ManualNatRule 1] This rule uses an interface object that contains no defined interfaces..... Warning: [ManualNatRule 15] Th...
Hello,So, in Snort 2 theres an advanced setting menu and i can enable syslog from there. So in Snort 2, i can only send intrusion event to the SIEM from the intrusion policy.But, when i try to configure the same thing in snort 3, theres no advanced ...
Hello Comunity I have a customer who is looking to enable expert mode on Firepower 4115 running multi-instance We are having issues with high unmanaged disk space (94%) /var on version 7.2.2 (suspect we are hitting -https://www.cisco.com/c/en/us/su...
We currently have a ASA5516 with the FMC 6.6.1. We decommissioned a site-to-site vpn tunnel we had to a remote office that had a FTD 1120. Can I simply Click on the Devices, and Delete the 1120. The office is closed and the 1120is no longer con...
I have a pair of FMCs in HA with a few devices registered and failover is working as expected. I need to change the ip address of the standby unit so had some questions: 1.) To re-establish HA, do I need to break HA on both devices (at the moment ...
Resolved! Smart Registration licensing URL(s)
Hello All, We have a ASA 5512 running Firepower 6.2.3.6-37 software. We recently reimaged our ASA from the old ASA software to this new FTD software 6.2.3.6-37. Our internet access is controlled by another higher dept and restricted to a few specif...
Hello,I have created Time range in Object Management from 08:00 until 09:00 AM and inserted into created rule from outside to inside PC allow connection for the specific time mentioned before. I`ve checked time zone and synchronization on FTD and FMC...
Hi all, I have a cluster of 2x FTDs running on 2130 with version 6.4.0.9 which is managed by my FMC. In the threat defense policy which is applied to my FTD cluster, the Secure shell settings in my platform settings is blank but i am able to ssh into...
Hello All, We have two Firepower 2110 appliances with the ASA code and I want to re-image the appliances with the FTD code 6.6 or 7 so my question is when I do the re-imaging and add them to the FMC do I need any type of licenses to configure them as...
I have a Firepower 2120 running FTD 7.3.0-69, using FDM. I've tried to enable FIPS in the CLI but get the below error. /security # enable fips-modeWarning: Connectivity to one or more services may be denied when committed. Please consult the product'...
Hello I performed upgrade on my ISR1K and ISR4K spoke router. DMVPN didn't come up until I deleted command "if-state nhrp" under tunnel interface. It stuck i NHRP state Does anybody have an idea why? Regards, Emina
Hi, Is there a possibility to disable SSL 2.0 & 3.0 & enable TLS 1.2 in following devices Devices - IOS versions ACE-4710-0.5F-K9 - A 3(2.7)CSACS-1121-K9 - 5.1.0.44WS-C2960S-24TS-S 15.0(2)SE11 Thanks in Advance...
We are having a heck of a time trying to deploy FMC in Azure with any of our 100+ CSP subscriptions. The validation fails saying: Offer with PublisherId: 'cisco', OfferId: 'cisco-fmcv' cannot be purchased due to validation errors. For more informatio...
