Hello, We have a Cisco ASA 5508-x with SFR module in our company. The FMC's software version is 6.3.0 and the SFR module is 6.2.0.5. I know that updating the FMC to 6.6.1 is quite easy through the web interface but my real challenge is updating the S...
Forum Posts
Well, how do you reset to factory default the FirePOWER module in ASAThanks! :D
FMC displaying "The server response was not understood. Please contact support." at the GUI login.After an attempt to upgrade our backup FMC from 6.6.1 (build 91) to the latest 7.0.4-55, the GUI does not allow login and gives the "The server response...
Error: Update failed: [Certificate request subject name in keyring firepower_cert cannot be resolved
Hello, I have a problem creating the CSR on my FTD. when I try to commit an error si show: Error: Update failed: [Certificate request subject name in keyring firepower_cert cannot be resolved]FP-4120 /security # create keyring firepower_certFP-4120 /...
Im having trouble updating our backup firewall, an ASA 5516, to 9.8.4.45. Its currently on .41, and after Ive installed latest ASDM and ROMMON updates fine, after i upload .45 and set it to boot, and reboot, it attempts to load it, says "error execut...
Hi,I'm beeing bombarded with tons of the following critical syslog messages:%ASA-session-2-106001: Inbound TCP connection denied from 62.40.54.215/2189 to 200.x.x.x/445 flags SYN on interface outside%ASA-session-2-106001: Inbound TCP connection deni...
Hi,I use x forwarded so my firepower can see the original source ip address instead of proxy ip adress. All works, but there one problem. The x forwarded tag also goes to the internet. I want to remove this tag before its going to the internet. Is th...
Hi,So i have a proxy and a firepower.If user on my network want to access internet, they traffics goes to proxy first and then goes to firepower. The problem is, on my firepower, the source ip become proxy ip instead of original ip. I want to change ...
Forgive me if this is a dumb question. We will be migrating from ASA's to FPR's and I am testing configurations in a separate testing network. I need clarification on the access control policy default action. Specifically, when used as a perimeter fi...
Hi all,I am successfully blocking Disney+ on the network with the FMC through Policies > Access Control. Disney+ is blocked via applications. But this also appears to be blocking ESPN. I tried applying a policy above this one that allowed all 3 (ESPN...
HiSo, i have a LAN network and a WAN network. For my LAN network, i use Cisco ISE as the NAC solution. And for my WAN network i use Forescout as my WAN solution. Right now, i can integrated my Firepower with my Cisco ISE, so i can block user access t...
Hello, I have an ASA5515X and it has been working ok up to now. I have now set up an exchange server on my private network. I have an AnyConnect VPN set up and it works great.I have followed all examples of how to set up mail routing but no matter wh...
Hi,Does running an ASA at debugging level logging 100% of the time impact CPU and or Memory? Are there recommendations from cisco about not doing this? We are having a discussion about ASA debugging level logging versus doing the same on routers. Of ...
Resolved! Problem excluding some health alerts
Hello, We are running a FMC with two FTDs in a H/A pair. Both the FMC and FTDs are on version 7.2.1 I want to exclude interface status alerts on the passive FTD, but that seams to be impossible. When going to Health->Exclude and select the passive FT...
HiI have FMC 7.0.4 and two FTD 1120 in HA v 7.0.1.I am testing file policy with rule: block all files in all directions. SSL decryption is configured and working. All files have been blocked except .docx, .xlsx, .pptx files.I do not have event that f...
