I have a bit of a unique situation which I am struggling with. The topology is a bit weird so let me explain the end goal. We want to physically separate the two sides of this network into two autonomous networks with each side having their own firew...
Hello,I have a site to site vpn that works just fine, however when I tried to NAT traffic from my INTERNAL network with a pool NATPOOL over that vpn tunnel, the traffic simply doesn't work, what I tried is to implement the following nat rule but stil...
I can't find anywhere on the FMC on how to update this. Can't find any documentation either.
Is there a way to limit the amount of SSH sessions to the FTD CLI?
Hi,The result I am trying to achieve is blocking the ICMP traffic from 192.168.100.101 pc (inside traffic) to 192.168.101.00/24 (outside) trafic.I've configured an ACL, but for some reason the ICMP still travel through ASA:access-list outside line 1 ...
I noticed one of the policies on the FMC is out of date i.e not updated/deployed on the Firewall.I am not aware what changes were done on the policy and I want to avoid going through each and every rule to find that out.Is there way I can rollback ch...
I have a problem with my FTDv 7.3.1 on ESXi. When I start uploading a large file over L2L VPN using SCP or SFTP between the server and the remote host, after a while the outside FTDv subinterface becomes unavailable and IPSec is aborted. After a few ...
We need to import the server certificate to the ASA in order to use LDAPS for VPN authentication. The server certificate has a creation date of 06-06-2021 but an expiration of 06-06-2121. When I attempt to import the certificate into the ASA the cr...
I am setting up new FTD 1120 with local device manager.I have a few queries.a) When I issue the shutdown command as shown command from CLI (FW01(local-mgmt)# shutdown ) firewall reboots at the end. Is it normal?b) When I login to the FTD for the firs...
Hi everyone, I'm stock configuring ASA5506-X. I am trying to get office computers(outside, 10.108.70.X) to access CCTVs(inside, 192.168.129.X) both are on different networks through ASA5506-X. I have set nat, access-list and inspect rules. It seems ...
Hi I'm currently building a proof of concept for our firepower implementation and i've run into some confusion regarding NAT and FMC I am testing the following set up: FTD at remote site is behind a single public IP FMC is at the central site b...
Hello All, Can anyone help me how can I enable logging using Ssh So that I can collect/view debug logs for real time logs and previous logs like 3-4 days before. Below is the output of my ftd cli firepower# show logging Syslog logging: disabled Facil...
Hi All,We are planning to upgrade our FMC and the FTDs managed by the same FMC to the better version which is stable.Currently we are running the below in the FMC.Cisco Firepower Extensible Operating System (FX-OS) v2.11.1 (build 154)Cisco Firepower ...
I'm messing around in lab and trying to get the FTDv to do jumbo frames. According to the documentation its pretty simple but I've not had any luck. I set the MTU on the Interface to 9000 and FMC said it was enabling jumbo frames and to reboot. I ...
I have an Firepower ASA with Firepower base license. Device successfully registered via smart licensing. Now we don't want to connect it to the internet, so disconnected it from internet. Is there any issue if license authorization communication fail...
