I was asked to help migrate a ASA 5512x with firepower services that I installed while working with another company about 8 years ago. My current company (a Telco) no longer sells or installs CPE equipment, and the former customer ordered a FPR1010...
Forum Posts
Hi All, We have an issue with the new imaged machine. Here is a brief - We have a users and management tunnel with user certificates for the users and machine certificates for the Mgmt tunnel - User tunnel auto connect when the user logs in, and of ...
Resolved! Cisco 1010 port forwarding issue
Upgraded from ASA - 1010 firepower - Not able to get port forwarding correctly! please see attached Access list and NAT - firepower# show run natnat (inside_2,outside) source static DSM-OVPN interface service _|NatOrigSvc_07ad74-b908-11ed-aee3-6da23...
Resolved! Deployment failures on SFR via FMC
We are seeing intermittent deployment failures on 3x SA5516-X with SFR. They are on 7.0.1 with Snort version 2 currently. The error witnessed during failures in the FMC UI is: "Deployment failed due to configuration error . If problem persists after...
Hi We have recently launched cisco firepower 1150 (Version 7.3.0) for one of our sites and sometimes strange problems happen for it. One of it’s interface doesn’t work properly. For example STS VPN between cisco ASA and firepower disconnects and remo...
Do someone know if it's possible to activate a CA on FTD (7.0.0.1+) to generate Identity User Certs (OTPs) like Cisco ASA used to done?...
Good day, Is is possible to configure the FTD 1120 version 6.7 with dual ISP links for users with the anyconnect client to connect to the FTD using either ISP. Looking at the configurations, you can only configure one outside interface for the globa...
Hi Guys,I have FTD 6.6.1 with FDM, I configured Remote Access VPN, and everythink working good except for management FTD.I would like to be able to manage this device after VPN connection. I configured one of data interfaces as a MGMT:ftd1l# show nam...
Dears, I have an FTD at a remote site and managed using FDM.A site to site vpn is configured between FTD at site and ASA at HO.Tunnel is working fine and I can access and reach all IPs in remote site.Concern here is I am unable to access FDM/FTD’s ...
Configuration does not sync with standby box and it shows Failed. I can able to ping state and failover link from active to standby and standby to active.show failover stateState Last Failure Reason Date/TimeThis host - PrimaryActive NoneOther host -...
FMANFP-6-IPACCESSLOGP log message displays IP addresses in reverse order. The Cisco bug ID CSCvn40315 identifies this bug.The explanation references an outgoing network package that may have been affected by this bug, indicating that an IP address o...
I have what I thought was going to be relatively easy task. Our syslog server logs more than 20,000 login attempts in 48 hours to log in using a variety of root, admin, administrator and random email accounts. While all have been prevented it may onl...
I'm attempting to migrate a merged configuration from two ASA's that just contains the objects, object-groups, ACP and two interfaces using the latest FMT 4.0-7965 windows tool. In my lab (ESXi 7.0) I built an FMCv running the same version as product...
Resolved! downgrade to Snort v2 on FTD HA pair
We have several FTD HA pairs. One set has a single FTD running Snort 3. And one set has both FTDs running Snort 3. We've decided to downgrade all FTDs to Snort 2. Is it possible/advisable to downgrade a single FTD to Snort 2 while leaving the other m...
My problem is traffic broadcast from 2 Microsoft Windows PC one connected to port 1/2 and another connected to port 1/4The Windows application communicates using these IPs 224.0.0.22 IGMPv3 and 225.0.3.15:5602 UDP and these packets do not pass betwe...
