Hi,I have deployed Cisco FTD virtual and FMC in AWS EC2 instance and it is up and running.I wanted to know how to connect a PC or a vpc to the FTD and test the firewall.Please let me know how to test the Cisco FTD running in the aws instance.Thanks.
Forum Posts
What is the best practice when monitoring Cisco ASA Firewalls (ASA5525-X or FPR1120-ASA) configured in Active/Standby or Active/Active HA? If we configure them as separate hosts in our SNMP software using their interface IPs, everything is fine till ...
Team, I researched about this and couldn't find a straight forward answer for this. Is there a simple OID to poll which firewall hardware unit in a firewall failover pair is Active and which one is standby? I found OIDs to poll the state of the firew...
Hi,I recently had to migrate a FTD HA (tow FTD2130) from one FMC to a new one.I installed the FMC in the exact Version and restored a five day old backup from the OLD FMC to the NEW FMC.Everything was the same from the MGMT IP of the FTDs (10.0.0.x/2...
Resolved! Deploy Multiple FMCv
Hi, We have 2 office sites (HQ and a remote site), each site have two FTD devices and we have purchased a single FMCv (VMware) for 10 devices. My question is, is it possible to deploy FMCv (not cloning, since not supported) for each sites (1 on HQ an...
Resolved! Management Vlan configuration!
Hello all,I want to configure management vlan for all the devices on network: router, FW and SW.The topology ist as below:Internet---Router---ASA--subint,10,12,13,30--2960SW---PC(on access port vlan10)I did the below configuration:1. create subinterf...
Hello community, Our client has 2x FTD 1120 with latest version 7.2.0.1-12 and also FMC with latest version 7.2.0.1-12. The FMC is integrated with ISE-PIC for user authentication. We are facing some problems with filtering and FMC is showing this er...
I have Discovery Policy for Internal Zones where I am only getting network map for 2 of my FTD's internal zones and my 3rd FTD subnet is not showing up in the network map. I see connection events for this particular subnet but the PC icon for the e...
We have Access to Cisco Firepower Management Center and Firepower Threat Defense version 7.2.0 When we try to register a key to establish the connection between FTD and FMC, We are getting the below error in FTD, File HA_State not found. Because of w...
Resolved! FTD syslog export to debugging level
Hi Experts,We are attempting to export logs to IBM qradar SIEM.It seems we need to set the logging level for syslog export to debugging to get session data exported.Will it cause resource issues on our FTD's if we set the syslog export to debugging l...
Hello.I have redundant 5506x and frequently the FW will not hand out an address to either a PC or phone. If a forced failover or power cycle occurs, it fixes the issue until it occurs again. This configuration has been working for years. Inside inter...
Hi,We have FTDs mgmt by FMC version 7.0.1. We are using certificate authentication on RA VPN configuration. Indentity Certificate signed by our local CA has been expired, we have installed a new indentity certificate. Have refreshed the cert status o...
HiI am configuring an ASA device. I am noting the NAT is not working and the PRIVATE deivce can not reach the destination/gateway(192.168.237.65&192.168.237.129). Can someone help to check the config?interface GigabitEthernet0/1no nameifno security-l...
Hi everyone, have a nice dayI have a big network with multiple cisco routers, switches(IOSXE, IOSXR), and NX, I found in the ARP table multiple IP addresses with the same mac address, I try to track the mac address but the port for this mac return me...
I have two ASA5555X running version 9.631, about 2 months ago the active asa started refusing ssh in all the interfaces, after the restart I can ssh again, then a couple of days or less no ssh again.then the primary (active) started failing gradually...
