Any solutions about user expired date and password policy on 7606 and 7609?I want to manage password criteria policy just like:Minimum length of the password is 8Special-case such as *, &, @Password expires every 90 daysPrevent using the same/old pas...
Forum Posts
My company has several Firepower 2130's across the network all being managed by FMC 2600. We have IDS/IPS functionality from the sensors. Currently we have our sensors set to IDS mode because once we change the IPS to prevention mode it drops all tra...
Resolved! ASA NO NAT Configuration - 9.6(4)23
We are in the process of implementing a NO NAT configuration on one of our firewalls and are running into an issue. We have created an object-group for source IPs that will have the NO NAT configuration applied. object-group network NO_NAT network-ob...
We are using version 7.3.2 and snmp is not connecting to the network equipment, I confirmed the username and password were correct, then using Splunk checked for traffic from the SMC to random network equipment and am not seeing any traffic from the ...
Hi all,i just bought and receive below item1. ASA5515-FPWR-K9 ASA 5515-X with FirePOWER Services 6GE AC 3DES/AES SSD2. SF-FP5.3.1-K9 - Cisco FirePOWER Softwarev5.3.13. ASA5515-CTRL-LIC Cisco ASA5515 Control License Question1. Is there any guide/manua...
Hi Team, I'd like to know if anyone of you have encountered an issue where Snort3 drop inbound emails from non-domains.(Ex: Gmail, icloud,Outlook.com)We've upgraded FMCv from 6.6.4 > 6.6.5-81 > 7.0.1-84 and then enabled Snort3. Once it enabled, inbou...
Hello, I am trying to start using the firewall 2100 via https, but for some reason I am getting this: System is coming up, please wait...Also the service is up, firepower-2110 /system # scope servicesfirepower-2110 /system/services # show ip-bPermitt...
I'm a programmer , and create a new and rare algorithm for data encryption ,it's not derived from other encryption algorithms.I need to communicate with one of expert team to showcase it, to check if it is of great benefit (as I see so far) so we can...
Hello all,I understand that Cisco ISE is a network access/admission control product that is deployed for enterprise campus wired & wireless networks. Although nodes are typically located in the data center, I was wondering if CTS using ISE can be us...
Hi, I have 3 sites, A, B, and C. A - Would be the HUB.B - Spoke - WorkingC - Spoke - Not working. From site A end device I can ping the ASA from site B, but I can't ping site C even with the same configs and tunnels are up I still can't ping ASA site...
Getting this error on a production site to site VPN when it comes with a Phase 2 mismatch (see attached config): %ASA-4-106023: Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:d...
HIIf the other end of the VPN isnt allowing an IP address could it cause the Drop below, I run a Packet-Tracer and it says VPN drop, the rule for our IP address is identical with exsiting VPN's I'm scratching my head,so do both peers ahve to match o...
Hi,teams I'm new to ASA and replacing an old ASA5516 with Firepower 1140 as VPN Gateway with AnyConnect.The VPN configuration for AnyConnect is the same as on ASA5516.When I attempt to connect VPN by using AnyConnect, It failed.This is what syslog sa...
We are experiencing communication loss issues to destinations behind our firewall. These packet losses are not constant but they happen quite frequently.We analyze the firewall logs and observe messages indicating an IP conflict on the outside inter...
Resolved! ASA is not encapsulating from IPSEC
I have a tunnel (ASA <> Meraki) tunnel is up and I can verify both ends.Problem is that, IPSEC from ASA can't encapsulate any packets but can decapsulate.
| User | Count |
|---|---|
| 11 | |
| 6 | |
| 4 | |
| 3 | |
| 1 |
