Hello. Simple quick question...Inside the LAN I'm installing a new vendor's Cisco box that has a preconfigured VPN to a server on the www. All communication will originate inside this new box that connects to a switch that connects to the inside inte...
Forum Posts
Our Firepower Threat Defense SNORT engine is triggering rules that don't match the actual traffic.For example, rule 1:16540:18 references CVE-2010-0477 which has the description: The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does n...
Resolved! FTD - IPSec failed
Hi everybody, I have an FTD with FMC that must have a VPN tunnel IPSec with a router. I have configured the FTD following all the instructions but I receive the message log error "Failed to authenticate the IKE SA". Reading the debug messages I found...
Hi Cisco SMEs,my problems has been raised problem has been raised before, sometime ago in 2017 see this Community post on "Defining custom PAM or protocol for ZBF", and here "IP Port map custom protocol in IOS XE".Both of these only identified that t...
Hi All,I am facing an issue which I am not able to trace the destination ip and port of the whatsapp application in order to open it on the firewall?any advise ?Thanks
Resolved! Old NAT ASA Config Question
Hello Network Gurus,Just trying to figure out what is this NAT config for?global (outside) 1 interfacenat (inside) 1 0.0.0.0 0.0.0.0static (inside,outside) 10.17.1.5 10.17.1.5 netmask 255.255.255.255Saw this access list command as well:access-group O...
I'm trying to set up a transparent mode FTD on the FMC to allow L2 multicast IEC61850 goose packets with a VLAN tag to pass between inside and outside sub-interfaces.1. I created a BVI to bind inside and outside sub-interfaces but have no IP address....
we have three pairs of FTD 4100 series managed by an FMC 1600, yesterday we got an error on one of the FTD that says: Policy "policy name" has been altered since "timestamp". Retry deployment we didn't deployed anything on this particular device....
Resolved! FMCv300 Resources
Hello community,currently we have started with implementation of FMCv in our network.Since we need to manage more than 25 senors I suppose there is no other option than to go to FMCv300.My question is, is it possible to modify/ downsize resources req...
Hi All,I have a cisco FPR 2130 i have connected eth1/13 and eth1/14 with 10G LR SFPs with a device called IXIA its a point to point connectivity. On IXIA i have an SFP called (Ixia, QSFP+ 40GBASE-PLR4 40GE pluggable optical transceiver, SMF (singlemo...
Hello. I've been working with the Cisco API interacting with different FMCs for a while, and I notice that every physical device has the same domain UUID, which is "e276abec-e0f2-11e3-8169-6d9ed49b625f".In my side of the API programming I considered ...
I'm having issues with my networks not being able to resolve websites. I'm trying to configure DNS servers on internal segments without putting them on the public network. So basically, port forwarding ideally, I would like to have one DNS server in ...
Dears, I have three questions, Please answer Please find the attached error. whenever i navigate to edit the ACP , i get a pop-up as per the attached , also when i save after doing any changes i get an a attached pop-up error, hence it is a bug ...
Resolved! Cannot ping across Cisco Firewall 2110
I have a bit of a unique situation which I am struggling with. The topology is a bit weird so let me explain the end goal. We want to physically separate the two sides of this network into two autonomous networks with each side having their own firew...
Hello,I have a site to site vpn that works just fine, however when I tried to NAT traffic from my INTERNAL network with a pool NATPOOL over that vpn tunnel, the traffic simply doesn't work, what I tried is to implement the following nat rule but stil...
