I have a Firepower 2100 firewall managed by FMC 7.x. It is set up in transparent mode with a bridge group (BG) between ports 1/1 and port 1/2. In my test bed I have an outside computer 192.168.1.1 and an inside computer 192.168.1.2. Access rule...
Forum Posts
Hi, I'm trying to determine if I can update and strengthen weak SSL/TLS on an EOS ASA5585-SSP-20 that's running Version 9.1(4)5 code on it? The current SSL config shows the following: ssl server-version tlsv1-only
Is there a way to rate limit the traffic generated by the FTD itself? Example: if VoIP is going through the Firewall, can we prioritize VoIP over the events traffic generated by the FTD itself? I'm familiar with the QoS feature of FTD which permit b...
Under the HTTPS configuration of the FMC I enabled require client certificate without having said certificate. I am now unable to log into the FMC via the GUI. Is there a way to back that setting out from the CLI?
Hi allJust need a clarification regarding that the NGFW contains the IDS engine or just the threat management.Coz i am just confused whether the firewall has IDS and threat management or just threat management. Thanks for your help in advance
Hi Is there a way I can change user timezone in cd FMC like I can do it in on premise FMC's? thanks
Resolved! FMC CPU keeps ramping up
I have installed FMC on an ESXI server, and it has been fine for a few months. Now over the last 2 months the CPU’s will spike and FMC becomes un-reachable. The FMC is not being used in full production yet, so it doesn't have a lot of traffic. I have...
HelloASA5525# show conn all1. Does this command give current data, or does it need to be refreshed?2. If I "#clear conn" , will that terminate all active connections on the ASA?Thank you.
Appliance Model : Cisco ASA 5508-XFirepower Status : Not used ASA Version : 9.16.4I am having trouble using NTP to synchronize time on port 123. I have set up a custom NTP server that listens to port 122, and I have verified that the synchronization ...
Hi,I would like to know any tool available to decoding /ananysing the crash info files for Firewall and Routers.Thanks / Regardskaruna
Hi everyone.We upgraded our Firepower to Snort 3. The devices are Snort 3 only. The intrusion policy does still have a Snort 2 version.After the upgrade, we are still receiving drops for Snort 2 rules. ***This is a correction. I initially wrote that ...
Resolved! Banner Login ASCII Text
hi all,i'm just wondering if we could do fancy ASCII text/art on ASA's banner.i tried to do the same as my other devices but it's doesn't accept it.ASA5505(config)# banner login +-----------------------------------------------$ASA5505(config)# | This...
I have been working with FPR-1010 and FTD v7.x enough over the last year to have experienced complete a loss of firewall interface configurations when switching managers, for example, from FDM to FMCv. I need to know beforehand if switching from an o...
Resolved! Access list Configuration
I want to add an entry in existing access-list & want to preserve the sequence number how can this be done.For E.gip access-list extended abc250 permit tcp x.x.x.x 0.0.0.255 host c.c.c.c eq 443260 permit tcp y.y.y.y 0.0.0.255 host d.d.d.d eq 443270 d...
