Hi Cisco community.I am faced with a boot issue after an improperly implemented upgrade to Cisco Adaptive Security Appliance Software Version 9.18(1).The previous version was Cisco Adaptive Security Appliance Software Version 9.17(1)Now I see these m...
Forum Posts
Resolved! ASA Keeps booting to Rommon!
Hello,I recently had to re-format, add a new activation-key, and add the asdm504.bin and asa704-k8.bin to my ASA 5520 (I accidentaly erased the memory on the machine). Now currently everytime I use the "reload" command it just loads straight into Rom...
I setup a pair of 2110s (6.5.0.4) in HA that are managed by an FMC w/ a port-channel facing the LAN and a single outside interface for now. I set the port-channel and the outside interface to use a virtual mac address for the active and standby unit...
Dear ,we noticed that cisco firepower FTD 2130 is sending DNS requests to the open DNS 208.67.222.222 which is not required and we didn't configured.we need to disable this featrue , please advice
Hello, We are currently using flexconfig for PBR but after upgrading to 7.2, PBR can now be configured through FMC's Policy Based Routing page. Anyone tried to configure PBR this way? Should we deploy the configuration once after we remove the flexc...
Hello,I'm trying to upgrade/re-install the IOS for Firepower 2110. I have downloaded the asa image (cisco-ftd-fp2k.6.4.0-102.SPA) when I try to upload it to the FTD, I will get a failed message when I check the show download-task details. Model : C...
Hey Guys,i tried basically everything in the internet.My ::> show run Any more parts interesting for you? What am I missing.> -----curl https//:{host}:443 -u "name:pw" ------------ is not working either! Postman neither! Browser neither... Chrome is ...
Resolved! How is ASA resolving hostname
We have a Cisco ASA 5525. There are many references to a server "dc" in the ASDM. The ASA is using "dc" as a DNS server, it's using "dc" as a radius server. And all of these things are working properly and I'm able to ping "dc" from the ASA. However ...
Over the past month, we've found two vendors who are using VPN connections from their systems on our network that we were unaware of. I've been searching for a way to block unauthorized VPN connections - one is running on port 443/tdp and the other o...
Hi, so my 1 of my HA FMC MonetDB is Crashing right now.The solution i think about is by reimaging the FMC. I want to know if i reimage the FMC does it restore the MonetDB or it just gonna be the same MonetDB as before?Also, i have 2 FMC in HA mode, b...
We currently have a few FTD firewalls running 6.4 managed by FMC 6.4. We are going to upgrade the FMC to 7.0 in preparation for new firewalls. After FMC upgrade, it will be like FTD 6.4 + FMC 7.0. As I understand, 3des and dh5 are depreciated since v...
Hello, When the remote end is using a dynamic IP you have the option in FMC to set the remote end IP address as dynamic, but you can also configure the Site to Site VPN as a "Hub and Spoke". Both types of VPN will use a dynamic crypto ACL, so is ther...
Hello All I have FTD 2110 running ASA 9.14.1 in appliance mode. Via Console port I connect to fxos admin and through to fabric but the commit-buffer command does not work. I am trying to change the mgmt IP from default to a new static. Can anyone hel...
Hi allWe have an FTD 1010 pair, in high availability, running version 7.0.3 and Snort 3 which is incorrectly classifying packets as malicious and blocking them. We have been advised to downgrade to Snort 2. Has anyone done this before on an HA pair? ...
Recently migrated from snort 2 to snort 3 and looking for best practice to maintain and review IPS policy. For example, in new snort 3 policy I no longer have the POLICY LAYER where I would go to view any NEW or MODIFIED rules from previous update. H...
