Hello, I have some doubt on the Cisco FMC Licensing.Trying to search around but unable to get the answer.Our customer currently using Virtual Firepower Management Center to manage 3x Cisco ASA devices with Firepower services. 2x Cisco ASA 5525Current...
Forum Posts
Hi All, I'm replacing a legacy Cisco 3825 ISR that was doing are internal routing and firewall with a Cisco NGFW 2110 using FTD version 6.2.2. at a branch location. It's basically firewall/router on a stick and I have only two Layer 2 2960-X access...
Resolved! NAT on FPR-1010 using ASA Image
Hello, I am trying to figure out why NATing with certain ports on the ASA is failing. It seems when I try to NAT ports 22 or 443 on the inside of my network I do not get successful connections but if I take and modify the NAT to a different port that...
I am currently running FMC on VMWare ESXi 6.0. This FMC is managing two pairs of FTD clusters in two different Data Centers, and everything is working fine. I've been doing a nightly remote backup of the FMC. Now I have a requirement to test disas...
Hello everybody,our customer has a ASA (OS rel. 9.8(43)2) and the AnyConnect client 4.9 on theirPCs.Recently the SSL certificate expired and they got the AnyConnect notification windowabout the 'Untrsted Server Certificate' and could connect after cl...
Hello TeamWe are plan to configure firepower threat defense manager standalone on OCI cloud in KVM based. Is there any specific documentation related to FDM & OCI? Please share.
Hi All, Recently we have been alerted by our monitoring systems that our ASA 5515 has reached a critical memory alert. Its exact alert is "CRITICAL: Memory 'MEMPOOL_GLOBAL_SHARED' Total: 123.08 MB Used: 117.56 MB (95.51%) Free: 5.52 MB (4.49%)" Thi...
Hi Diagram is like this PC--Switch--ISE. An internal account is created at ISE. After login, The Live logs shows like below. In Status column, one is Green and other is Blue. What is that meaning with Blue? and screenshot for PC nic is like the secon...
hi Would the below work? The source subnet will remain same but whether the users are trying the first destination or second, the requirement is that the destination is Nat'd to the same IP? I can see this working if initiated from internal but if in...
Resolved! Best practices for ACP on FMC
I've been looking for best practices and found this: https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/best_practices_for_access_control.html. I feel as if I'm missing something still. Last Friday ...
I believe that this is NAT issue. The issue is from the inside, when I try to ping or access anything in my DMZ1 or RA subnet it is send to the outside interface. I have confirmed this by doing tracert for 144.168.0.x and 124.140.0.x two other foreig...
Resolved! IP whitelisting
Hi,I want to whitelist a scanner host on our network that is triggering lots of intrusion events.I tried to right-click the IP address and the select "Whitelist IP now", and it puts the IP in the Global-Whitelist, but intrusion events are still gett...
Resolved! ISE 3.0 backup and restore
Does Cisco ISE 3.0 now backup and restore the certificates private keys?
Is there a way to have the ASA refresh its SNMP tables quicker than the default?
I am using version on 6.0 on a physical 1600 FMC, we have configured a proxy in order to download updates from FMC and things like this. In house we also have the Smart Software Manager Satellite for licenses.From FMC we are able to download updates ...
