Hello, I have experience from PaloAlto L7 filtering and I am trying to mimic the behavior on the FTD but looks like it maybe doesn't work like that. In essence I want to only allow specific apps and deny everything else. The issues that I have on T...
Forum Posts
I would like to ask cisco to block some sites that are not being blocked when I use the following DNS(208.67.222.123, 208.67.220.123). How do we do it? Where to contact?
Hi all.FTD v7.2.0.1 configured from scratch as perimeter firewall, FMC managed. For testing purposes, only two zones, "inside" and "outside".I created a NAT policy, set up a static "Auto NAT" rule with "inside" as source zone and "outside" as destina...
I am trying to find a way to export ACP PFP and NAT table change an interface name and re-import. I am adding a backup internet circuit and the only thing I need is to change the outside interface name ex. "outside" to "backup" then re-import. Is thi...
Hello, trying to find out whether or not the switch C93180YC-FX3 is vulnerable to the Treck TCPIP stack multiple vulnerabilities (Ripple20).
Hello, I have a new FTD installation and I get the error about cloud configuration. I have threat defense and URL license. What does this error indicate?Do I have to configure sth in particular? Regards,Konstantinos
Newly installed FMC virtual is not accessible through GUI. I can ping the FMC IP however, GUI is not accessible when I'm trying to reach FMC through https. Output of below commands is attached. Version: (Cisco_Firepower_Management_Center_VMware-6.2....
I'm about to implement two Firepower 2100 on my company. I would like to know about the differences about HA Schemes, Is there any services that can work differently on each scheme? which one is the most recommended and why?
Hey guys, So I am a bit new on ASA and was doing a basic lab, topology attached. I have vlan 10 & 20 in my inside network. Following are the routes that I have configured on ASA, CoreSW & ISP-RTR Core SW route: ip route 0.0.0.0 0.0.0.0 30.0.0.2 ASA...
I couldn't boot sfr image for v6.4.0 while re-imaging firepower service as shown below and in the attached debug file ASA 5515: fresh reimaging firepower 6.4.0Cisco Adaptive Security Appliance Software Version 9.12(4)10---- --------------------------...
Hi,Cisco FireSight Manager + FTD Is there a way of adding/assigning a private address range to a geolocation? So that it can be used in an acl and also appear against a country in the reporting?For example assign 10.0.0.1 to United Kingdom.Thanks in...
Resolved! Managing Cisco Firepower without FMC
Hi, im trying to understand the following when we say ASA with FirePower, we mean upgraded ASA boxes which have the Unified ASA Image? What is FTD? What is the Difference when we say ASA with FirePower and the Firepower Appliances? and to manage a C...
Resolved! FTD ECMP with multiple interfaces
ASA 9.3(2) introduced the concept of zones with ECMP support across different interfaces (in the same zone): You can group interfaces together into a traffic zone to accomplish traffic load balancing (using Equal Cost Multi-Path (ECMP) routing), rout...
Resolved! Cisco FMC/FTD VRF
Hi folks,We have cisco FTDs 2110 managed by FMC ver 7.0.1.We have a requirement wherein we need to onboard multiple small entities into our existing infrastructure with different ip schema. Presently, we are managing our entity routes via static.I ha...
My SSL decryption policy and rules seem to be working correctly but looking thru the logs I found an interesting anomaly. I see "invalid issuer" for traffic flows that seem to be working fine. There are also "valid" events but it seems like it depe...
