While doing an SSL qualys scan on an ASA, no support for secure renegotiation and forward secrecy getting flagged. I am striking out on finding info on this. Anyone know how to fix this? I currently have tlsv1.2 only enabled with only stronger ci...
Forum Posts
Hello,I have a question regarding HA setup within a LAN, in a scenario where there are 2 main buildings. I'm curious as to how this would be best achieved through either configuration or from a design standpoint. I have attached an image showing the ...
Hi All I would like to know if the firepower 4100 setup in Active-Passive, so if the uplink switch in VSS, combine 2x 40G uplink to the Firepower pair. QuesionFirepower Active-Passive setup, what would the real time interface bandwidth would be , is ...
I am trying to forward port 443 to a local on prem proxy so I can host webservers. I also need remote access vpn enabled which as far as I can tell automatically enables the 443 service on the outside interface. This is happening even when I disable ...
Folks, I am trying to initiate a ping from my FMC Cli but I do not see Ping command available in CLISH mode.. All I see >ConfigureExitShowSystem When type system. Sytem> It will give other options but No Ping, configureexitexpertgenerate-troubles...
Hi everybody! I'm trying to wrap my head around a network design shown in the attachment. Essentially, it will be hub and spoke utilizing the FP2100 platform funning FTD. I haven't used FTD before and I'm having trouble getting the 'Gray Site to Site...
Resolved! PBR on FPR1140 6.6.0
Hi, Can anyone point us in the right direction to setup Policy Based Routing on an fpr1140 via the FDM? We cant use the FMC as we dont have a virtual platform compatible (Hyper-V). The FPR's are running software version 6.6.0, according to this artic...
Resolved! FirePower SSL decryption Known Key
Hi All,I have setup a SSL decryption Known key to protect our web servers.Seems like it's working as events show most SSL connections are "Decrypt (Known Key)" in SSL Status, and show URL details.However, there are still some SSL connections are "Do ...
Hi Community,I want to know if I can route traffic from inside to inside in the cisco ASA 5506.Context : (See picture added)I have 2 LAN in the building and the 2 LAN use the same ASA 5506 for internet and others purposes.I want users of LAN A to jo...
i have observer every 30mints time frame FMC is connecting to "intelligence.sourcefire.com" web site its showing as outbound connection and uploading the data. how do we stop or disable this activity in FMC.
Has anyone been able to complete a vulnerability scan on the Firepower devices (2110) and FMC? I've been reviewing this issue for about a year and want to pick it up again. We fixed our scanning of ESXi hosts, but we're still having issues with Fir...
Hi, I have some question regarding reimage FTD. We have a model Cisco 5545. The current version is 5.4.0-764 and plans to upgrade to 6.6.1. The question is can we use the backup current version after reimaging to 6.6.1? Since the path is very long, w...
e are sufferring to setup Network Interface of our newly launched ASAv on Azure environment. By default Managment interface took Public IP Address. But while trying to deselect "Dedicate this interface to management only" its not working. Its again g...
Hello, I've noticed that Cisco AMP is filling C: drive completely. The 'C:\Program Files\Cisco\AMP\Quarantine' uses 192GB of space.I've also noticed that this PC is generating a lot of events for the same file being quarantined over and over again. I...
Cisco ASA l2l vpn tunnel phase1 & phase2 parameters validation through CLII have to collect L2L vpn tunnel parameter details for multiple existing peer IP's but unable to collect actual information. please support.
Recognize Your Peers
.jpg "Hall of Fame Community Legend"){kind=icon}
.jpg "VIP Master"){kind=icon}
