Dear All,I having been using Cisco FTD for quite a while now and i understand it is quite complex to manage via the cli hence the need for a FMC for proper management. Please i need a command to locate the user password policy set on the cisco FTD v...
Forum Posts
Resolved! 2960X weak diffie-hellman ciphers
Hello I have a few 2960x switches on the network with 15.2.7.E5 code and we have internal scanners that are calling out the diffie-hellman 'kex' as weak ciphers and should be disabled. It appears that these DH cipher's are the only ones available f...
Hi GuysI would like to copy all cryptos and its description from ASA firewall(we used to same customer name on description). Is there any option?
Hi I have 2xASA 5585 configured with multiple context running 9.4 (1) code base. During weekend, suddenly I missed ssh to the active ASA. ssh ASA.ip ssh_exchange_identification: Connection closed by remote host debug ssh on the firewall gives De...
Hi,I wanted to use subinterfaces in the asa transparent mode but was only able to reach the ASA BVI but not any other IP.However, when I started using physical interfaces, I was able to reach everything. The rest of the config remain the same. Is th...
What is the difference between Firepower chassis manager and firepower device manager? Like a Firepower Management Center (FMC), a Firepower 9300 Series and 4100 Series security appliance has its own web interface, called Firepower Chassis Manager. T...
Resolved! Cisco FTD Mail Events
Hello,We have Cisco FTD and FMC, version is 7.0.1I Would like to configure FTD in such way:When Endpoint device will be compromised then FMC must notify to me by Email. Is it possible?
Hi, I have enabled Decrypt known key for inbound SSL decryption and inspection (external world accessing DMZ web server).And would like to enable decrypt and inspection for outbound SSL (internal user accessing external website).However, our internal...
We followed the steps indicated in the following link for HYPER-V ASAv and it does not work. Only shows 1 interface no matter what we do. Wondering if there is a reliable and updated documentation that actually works. thankshttps://www.cisco.com/c/en...
Hi, We have the following Network design The FirePower is the Gateway for all Networks. If Traffic is send from a Client to the Internal Server it has to go through the FTD because of Routing between the Client Network (10.0.5.x/24) and the Interna...
Resolved! Cisco Firepower 2130 License
Hican I know all Licenses available for Cisco Firepower 2130 , with Smart Net support as it is good for small business ? or do u prefer other one
Resolved! ASA Dynamic NAT (Hide)
Can someone look at attached files pics and help me understand what the difference is between Dynamic Pat & Dynamic PAT (HIDE) ? It appears from this ASA config the Dynamic PAT (HIDE) was explicitly chosen for the Backup interface and I don't underst...
Hello,We have been experiencing a weird issue on our ASA when attempting to monitor the logs on ASDM. For months we have read through as many posts as possible trying to figure out where the issue stems from but so far, no luck.This particular ASA is...
hi team, i am not able to change crypto key erro mention below Cennet_Internet_Rout(config)#crypto key generate rsa modulus 4096% You already have RSA keys defined named Cennet_Internet_Router.ndpl.com.% They will be replaced. % The key modulus size ...
hi team, i am getting logs below mention 138891: Sep 26 04:38:08.045: %SSH-5-SSH_COMPLIANCE_VIOLATION_RSA_KEY_SIZE: SSH RSA Key Size compliance violation detected. Kindly note that the usage of keys smaller than 2048 bits will be deprecated in t...
