Not understanding the difference for an Access Control Policy if let's say I 'Trust' the facebook application vs 'Allow' the facebook application. Is the only difference the ability to log?
Forum Posts
Hello,All of a sudden Im getting below errors on our Firepower 1120...On chrome:Internal Server ErrorThe server encountered an internal error or misconfiguration and was unable to complete your request.On Firefox:Secure Connection FailedAn error occu...
We are migrating from ASA with SFR modules to new FTD appliances. We used the migration tool, but did not select the option to migrate ASA with FPS. After looking over the configuration, I'm wondering if we should have chosen the option to migrate ...
I have been running Cisco Any Connect 4.4.00243 for some time but recently I have used a Remote Desktop Connection from this PC and following this I cannot connect due to the following error." AnyConnect profile settings mandate a single local user, ...
Hello Community!We have two ASA5508s with failover (one active and one standby).We need to reboot both firewalls due to a memory leak issueWhat is the reboot process?1. Check the status of the failover2. Reboot the backup firewall.3. Check the status...
Resolved! ASA 9.6 Global Inspect Policy
class-map global-classmatch access-list global_mpcclass-map outside_policy1match access-list outside_policyclass-map class_sip_tcpmatch port tcp eq sipclass-map outside_policymatch access-list outside_policyclass-map testing!policy-map type inspect h...
Hello, I'm a little confused with this feature or manager, I need to know how can use the Cisco Firepower Mgmt Center to manage my firewalls, the main reason is I need to add url filters on the FP or can I add this kind of filters via CLI? Thanks in ...
Hi guys, I have FPR 1140 with 1303 active rules :((I need to optimize (delete not used old rules) it.As you can see on the screen, there are no options like: "active sessions", "hit counts", "first used" or "last used". so, can you please tell me h...
When I look in the FMC, I can see that the hostnames are different. When I go to the CLI I put in configure network hostname XXXXXXX and it shows there but it doesn't show on the saved configuration when I do a show running-configuration. Is there ...
Resolved! Problem With ACLs
I am new to cisco and trying to setup a vlan with some access-lists in my cisco router 871. The router i have is connected to another router with default ip 192.168.1.1/24. My router has the WAN ip 192.168.1.110 and the vlan network is 10.0.0.0/29. T...
Hello,I've been looking into see why a snort 3 instance would restart at all the time. Where in the troubleshooting file would that be logged?Would like to know the reason why or cause. I see multiple Snort restarts daily during operation, so it does...
Hello,I understand that in Access Control rules on the FTD, there are "block" and "block with reset" actions, but how does one configure Snort / IPS to send a RST if it's dropping something (traffic that was set to "allow" in the ACP?) Furthermore, i...
I have a pair of ASA55XX series firewall and configured as active/standby configuration.I have added an add-on network adapter card on both of them and I configured the management of it. (The original management port was configured as IPS usage)I had...
Hello everyone, we are affected by this bug CSCvx89643 and there is only a workaround to fix it: whitelist the certificate on webproxy. https://bst.cisco.com/bugsearch/bug/CSCvx89643 How do we do that? Regards
When I start a configuration using the default config, all ports are up if plugged in. After the default config is finished, I make the following changes. Go into each interface (2 - remove nameif, remove bridge-group, and shutdown. After the inte...
