Network Security

Converting ASA 5516-X that does everything to FPR-1100

My current 5516-X pair is acting as internet border, AnyConnect VPN headend, and IPSec VPN concentrator. Looking at converting to an FPR-1100 pair. If these are the only FW pair using FTD software, do I need the FMC software? Also, are there any guid...

Resolved! FTP Transfer and ZBFW Issue

Hi there,I am having an issue with FTP transfer and the implementation of ZBFW and that it takes several minutes before the transfer actually starts. Can be waiting up to 30+ minutes for the transfer to begin.Device is using FTP Active mode.Trying to...

Firepower Intrusion Event Alerting

Dear Community,We have IPS (Inspection) enabled on several of our rules in our Access Control Policy. Eventhough we can see the intrusion events in Analysis -> Intrusions-> Events, we do not see any of these intrusion events in our syslog files. I wa...

Duplicate TCP SYN from outside

Hi guys, recently my logs from Firepower are filled with msg: %FTD-4-419002: Duplicate TCP SYN from outside-x.x.x.x/xx to nlp_int_tap:(MY STATIC IP-from ISP/443) with different initial sequence number.So outside IPs and ports are random, i was readi...

Latency or disconnection because of NAT Translation

Hello Expert, We are seeing some issue with Office 365 traffic ( outlook, share-point, one-drive and Team etc), We are overloading the traffic on outlook interface and routing the traffic directly to ISP.We observed the issue mainly in peak hours.We ...

Resolved! FTD 7 HA Deployment Failure

Anyone have any ideas ?Refer to the following troubleshooting information when contacting Cisco TAC.Other logsJan 21 05:08:12 Starting Export for ApplicationDetectorsJan 21 05:08:13 Finished Export for ApplicationDetectorsJan 21 05:08:13 Starting Exp...

CheckPoint Firewall configurations to Cisco ASA configs

Dear team,I have Checkpoint firewall for my DC and i am planning to deploy Cisco Firepower 2130 ASA for my DR .I would to replicate the same configuration on Checkpoint firewall to the Cisco ASA firewall.what tool can convert this best and what do i ...

Faiover

the failover is working,

Packet Tracer Help - ASA Removes Transform-Set

Hi everyone,I'm wrapping up an assignment for my networking class. For the assignment I have to build a VPN tunnel between two ASA 5505s. I've managed to do this, but have a very strange problem. Every time I close and reopen my topology in packet tr...

Cisco ASA 9.2 - Cannot get FTP to work...either way!

Hi all! Hoping one of you can shed some light before I tear out what remains of my hair (not much, but I value it!) Have a Cisco ASA running 9.2. From factory reset did a quick configuration to test since I'm used to the old school PIX units and kn...

dmz

Hi ,I don't have a physical switch for dmz .Now If I want to share the same inside network switch ,what is the solution Thanks

secondary fails a policy push

In Firepower managed by FTD , the secondary fails a policy push

Interface Internal-Data0/0(): High error rate in FTD device

Hello , in our clients monitoring tool we see these message , Interface Internal-Data0/0(): High error rate...... The devices are FTD's 1150 in HA mode . I understand that this interface is internal to the device and move traffic into and out of CPU ...

ASA 9.12 Can't connect out from inside interface...

I'm upgrading an old (OLD) Cisco PIX to a newer ASA unit. Of course when I migrated the config (via CLI), it didn't like some of the old NAT commands and I had to modify appropriately. I have 2 interfaces configured (inside 100 and outside 0). I h...

Resolved! Vulnerability is found in cisco router

Hi When tenable scan, we got vulnerability info as below. Any solution can be used for this issue? Thank you A remote device is affected by an information disclosureThe IKE service running on the remote Cisco IOS device is affected byan information ...

Network Security

Forum Posts

Converting ASA 5516-X that does everything to FPR-1100

Resolved! FTP Transfer and ZBFW Issue

Firepower Intrusion Event Alerting

Duplicate TCP SYN from outside

Latency or disconnection because of NAT Translation

Resolved! FTD 7 HA Deployment Failure

CheckPoint Firewall configurations to Cisco ASA configs

Faiover

Packet Tracer Help - ASA Removes Transform-Set

Cisco ASA 9.2 - Cannot get FTP to work...either way!

dmz

secondary fails a policy push

Interface Internal-Data0/0(): High error rate in FTD device

ASA 9.12 Can't connect out from inside interface...

Resolved! Vulnerability is found in cisco router

CSCwq47299

pxGrid session subscription missing radius accounting session Id

Model Migration - 4110 Native to 4225 Instance S2S VPN Configs

ASA upgrade procedure on Hyper-V

Announcing the release of Firewall Migration Tool Version 7.7.10

Firepower / FTD File System Question RE: Upgrade File Storage

Disable SSH Algorithms on CISCO Switches

Session TImeout in Firepower

Ugrading ISE from 2.7 to 3.3 - Small deployment, downtime

Issues when logging into https://tools.cisco.com/sch/