Network Security

DMz host

Hey I m new to network security. Need to design below setup. Advise how will I achieve thisI have partner connected to network. I want my hosts in DMZ via RDP from GRN able to access the services . Also any antivirus update or patches needs to be up...

Resolved! FTD reimage from USB on ASA hardware?

Hi,I've reimaged my lab Firepower 1010 a couple of times via an USB stick and it's working really good.Now, I need to reimage a faulty ASA 5508-X that are located in another part of the world and I'm quite sure it's not possible to use a USB stick to...

Internet traffic is also passing through S2S VPN on FMC

We have Site to Site VPN setup between few servers to a vendor. However seems all traffic including these servers internet destined traffic is also passing through the S2S VPN. How should I exempt internet traffic from S2S VPN

Password Policy on Cisco Asa

Hi All, Need to configure below password policy on my live Cisco Asa. Need to know will i lose the accessibility of my device anyhow after configuring the password policy. Also what are the precaution i should take before executing the command • Step...

FMC/FTD Identity Awareness query about user to ip mappings

We setup our FMC (6.4) to be a Pxgrid subscriber to Cisco ISE. ISE has several agents inastalled to retrieve user-to-ip mappings. I can't seem to find any information about how often:1/ ISE pushes user to ip mappings to the FMC2/ How does an FTD retr...

Resolved! VPN 2nd Profile Setup

Hello Experts @Rob Ingram @balaji.bandi I currently got AnyConnect VPN setup which is mapped through DNS to our Public Domain and its working fine. I want to setup another AnyConnect VPN which will be mapped through DNS to other Public Domain. I wa...

ASA port forwarding for remote VoIP phone

I’m looking for assistance with a rule and NAT policy Attached are the ports the phone company needs forwarded. I have the static IP of their system they are testing from and a user’s home static IP. Do you have an example of how the rules should be ...

Enable stun protocol inspection - FTD2110

Hi ALL Any option to enable stun protocol inspection for specific rules only in FTD2110If not do we need to enable it in global policy ... what are supportive commands to enable this protocol This is what we see atm > show service-policy inspect stun...

Port channel on Firewall 2110

Hello, Exploring port-channel configuration on the firewall for redundancy but to my surprise, it not supported on FTD running version 6.3.0-80. require FMC to do it.https://www.cisco.com/c/en/us/td/docs/security/firepower/630/fdm/fptd-fdm-config-gui...

ASA 5510 Software EOL Information

Hello, I have a customer that has a few ASA5510 in their environment. I realize these were end of support back in 2018, and have also read that the last software version supported on the platform was 9.1.x. Can anyone point me to information about ...

Resolved! Firepower 2100 boot directly to Rommon

I have a pair of Cisco 2100 series firepower devices that I am configuring for deployment at two separate locations. Currently when powered on, they go into rommon, without any prompt from me. Once I type the boot command they will complete their boo...

FTD lab - Security intelligence testing failures

Hey everyone,I'm running into some issues with my testing and I'm hoping someone can assist me with this as I'm a little lost.First problem I've come across. I'm browsing the security intelligence feed that's in var/sf/iprep_download/Sourcefire_intel...

inside to dmz

my post marked as spam i dont know whyi am doing a lab with packet tracer and i cant reach inside network to dmz asa config hostname ciscoasanames!interface GigabitEthernet1/1nameif dmzsecurity-level 50ip address 172.19.3.1 255.255.255.252!interface...

Resolved! How does work cisco Firepower's URL filtering?

Hi Teams, Firepower have URL filtering function.I have some questions about this.Q1) Firepower support URL restrict(filtering) option without Category license(In ACP rule). What is difference this URL restrict and URL filtering(use C License). Q2) As...

Firewall Redundancy

I have 55 users connect to two switches each switch has two cables each one for a Different FW one FW for VPN and one For Internet, ( each one also BKP for other ) each FW has one Cables to Provider other Site has one FW only now : between Switches a...

Network Security

Forum Posts

DMz host

Resolved! FTD reimage from USB on ASA hardware?

Internet traffic is also passing through S2S VPN on FMC

Password Policy on Cisco Asa

FMC/FTD Identity Awareness query about user to ip mappings

Resolved! VPN 2nd Profile Setup

ASA port forwarding for remote VoIP phone

Enable stun protocol inspection - FTD2110

Port channel on Firewall 2110

ASA 5510 Software EOL Information

Resolved! Firepower 2100 boot directly to Rommon

FTD lab - Security intelligence testing failures

inside to dmz

Resolved! How does work cisco Firepower's URL filtering?

Firewall Redundancy

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Adding an FTD with existing Config to an FMC

Assistance Needed for Cisco ISE 3.2 Lab Authentication with Stealthwat

ISA 3000 I/O contacts for red light kill switch ?

ERROR(567): No database files are available on Cisco Security Manager

CSSM On-Prem with FTD on FMC

Can ASA5555 License transfer to Cisco Firepower 2100 ASA?

ASA to FTD migration

FDM1120 Management Interface IP Address

OSPF Passive interface in FTDs

FMC displays working IKEv2 tunnel DOWN