Hi all,I'm going to deploy FTD HA managed by FMC and the license qty as below2 x Threat Protection2 x Malware Protection andCisco AnyConnect VPN Plus license for 1500 userHow should I perform license registration steps on FMC?Should I fist enabled Th...
Hello, Friends! I need your advice.I use ASA5510 on the edge on network.(I have two offices and two devices)In plan, I want to update my old devices in next year.I can add, that I need IPSEC VPN and I need Anyconnect.So, how I understand, I can buy t...
Greetings,I recently acquired a 5520 ASA. I'm trying to integrate it into my environment but I am having a few issues.When I connect with my Anyconnect Client, I can ping my inside LAN GW (even pull up the web interface), but nothing else. I have a p...
Hi all, We are planning to configure Cisco AnyConnect VPN on our Firepower. And in front of our Firepower, there are two ISR routers that is doing NAT.What I would like to know is where should I configure NAT exemption? On firepower or on Router? As ...
Firepower is logging usernames to IP address for one subnet only which is where the Cisco user agent software is installed and also the domain controller is also on the same subnet. How do I get username to IP mappings working with VLANs that are on ...
Can someone please guide the FXOS upgrade procedure of FPR2100 which is running with Transparent FTD. I feel it is a bit different from FP9300.
Does anyone know the NX-OS equivalent of the IOS command 'no ip tcp timestamp'? This would be to disable tcp timestamps so an attacker cannot gather system uptime.Thanks.
Hello, I am a beginner for ASA Firewall. I have the same problem like below link. - https://community.cisco.com/t5/network-security/asa-wildcard-fqdn-object-acl/td-p/3062312 So I have read some articles for this subject. Then the conclusion is that ...
Hi all,I'm trying to limit SSH access to my router.Router IP is 192.168.1.254 My access list for SSH: ip access-list extended SSH_Access_Controlpermit tcp 192.168.1.0 0.0.0.255 any eq 22deny tcp any any eq 22 log!line vty 0 4access-class SSH_Access_C...
we have Site to Site VPN established on the Cisco ASA from remote office and we can access the firewall through outside interface without any issues but when we try to access the management IP, only primary firewall is reachable and secondary firewal...
I am only getting 3 days of logging within FMC. I have adjusted the time frame etc and I can only go back 3 days worth of events. Any ideas here?
Hi all, I have a Firepower 2110 appliance running ASA. I recall reading somewhere that this setup doesn't support redundant interfaces. Does that apply to port-channel configuration on the ASA? Thank you
We have a pair of Firepower 4110s configured as HA. Under the High Availability tab, we have a mixture of some interfaces having both "Monitor this interface for failures" selected and a Standby IP Address entered. On other interfaces, we only have "...
I am looking to change IP address of our FirePOWER Management Center which is virtual. I can see option to do this via the standard GUI but read conflicting info that I may need to ssh and also run some command line? Can anyone clear this up? Thanks
Hi All,We have cisco asa with version 9.8.3While checking the packet tracer from outside source public ip to a NAT ip of a server inside the network, I could see that ACL match is on a rule where the source segments are all private.So I decided to co...
.jpg "VIP Master"){kind=icon}
