Network Security

FTD - Inline Set

Dears, I have an FTD that have 3 Interfaces (Inside, Outside and DMZ). This FTD should be implemented in transparent mode and Only-IPS should be applicable. As per cisco documents, in transparent mode we must create Inline Set between interfaces to b...

Resolved! Outgoing ACL on OUTSIDE kills IPSec traffic ASA

Hi All, Just the other day I created an outgoing ACL on my OUTSIDE interface on the ASA. The source is a couple of internal servers which I need to deny internet access to. The servers will have to exit other interfaces on the ASA so I thought that i...

Resolved! Firepower 2110 & 2120 IPS throughput

I'm working to validate the speeds through our Firepower 2110 & 2120 devices (running 7.0.1 snort3). We recently bumped the speed on our internet connection to 1gig, but these two devices don't seem to be able to handle the throughput. As it stands,...

Cisco ACS Replacement

Hello! We have a very old Cisco Access Control System (ACS) Appliance, I believe the software version is 3.3. A couple of years ago we were supposed to replace it but we didn't do it. Now, we are looking to replace it and I want to know if the latest...

DNS Servers per DHCP Pool on Cisco FDM 1010 - not solved

I'm posting the post once again as previous status shows for some reason as solved, I believe somebody could spoof me somehow, and I can't revoke it now.I just wander is somebody could help me. I'm trying to set different DNS server per each DHCP poo...

When does Cisco FDM support interfaces to be inline or inline with tap

Hi All, When does Cisco FDM support configure interfaces to be inline or inline set with inline tap? Nicholas

FTD Heartbeat error down after upgrade to 7.1.0

Hi all.my FTD with HA mode and FMC managed was working fine.after upgrade to 7.1.0. I have a Heartbeat error from the Standby unit. do you have the same problem?at the same time of the error, I checked reachability, but FTD is totally reachable!! Tha...

Searching on policy does NOt work in 7.1.0 - FMC

HiI Already upgraded my FMC and 2 FTD 1140 to 7.1.0.I can not search in the Policy for example a 'keyword' or name or DST Zone and so on. it is wonderful Old features do NOT work for new generations that worked before ...!!!

DNS Servers per DHCP Pool on FTD/FDM

I'm glad not to be the only person complaining about this. DHCP flexibility on a NGFW FTD device is all but completely useless compared to the older ASA. I don't mean to be so unkind toward Cisco, but the FTD requires a significant amount of priming ...

DNS Servers per DHCP Pool on Cisco FDM 1010

Hi, I just wander is somebody could help me. I'm trying to set different DNS server per each DHCP pool and only working solution which I found is below:https://community.cisco.com/t5/network-security/dns-servers-per-dhcp-pool-on-ftd-fdm/td-p/4038245T...

Juniper SRX 1500 replace with Cisco NGFW 2130

My customer wants Juniper SRX 1500 but I want replace with Cisco NGFW 2130. Kindly advise if 2130 will be a good equivalent or better solution as border FW / internet FW/router for customer school

Resolved! Enable logging on a single rule in ASA

Hi,I am trying to log connections on a specific ace rule in the ASA and wonder if this is possible to do that without first enable the same loggin level globaly? At the moment I have an ace that looks like this - access-list management_access_in line...

Resolved! FMC Migration - Derigistering Source FMC from SSM, Impact.

We will perform the steps in:https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/migrate_your_fmc.html We have below two questions regarding the impact of the step 6 in the migrations guide. What w...

Resolved! Cisco Software Licencing Website Woes!

Hi all... this is kinda of embarassing.. but at the same time frustrating.,. I've been configuring cisco pix/asas for years. Normally 5505/5510/5515's etc and more recently 5506 and 1010's.I've never had a problem with PAK licencing and registering e...

help with a firewall wan design

Im dealing with a strange design for a firewall where it is connected like this > ISP router interface 192.168.10.1>firewall outside interface 192.168.10.2>firewall inside interface 192.168.1.1> switch interface 192.168.1.1 As you can see the firewal...

Network Security

Forum Posts

FTD - Inline Set

Resolved! Outgoing ACL on OUTSIDE kills IPSec traffic ASA

Resolved! Firepower 2110 & 2120 IPS throughput

Cisco ACS Replacement

DNS Servers per DHCP Pool on Cisco FDM 1010 - not solved

When does Cisco FDM support interfaces to be inline or inline with tap

FTD Heartbeat error down after upgrade to 7.1.0

Searching on policy does NOt work in 7.1.0 - FMC

DNS Servers per DHCP Pool on FTD/FDM

DNS Servers per DHCP Pool on Cisco FDM 1010

Juniper SRX 1500 replace with Cisco NGFW 2130

Resolved! Enable logging on a single rule in ASA

Resolved! FMC Migration - Derigistering Source FMC from SSM, Impact.

Resolved! Cisco Software Licencing Website Woes!

help with a firewall wan design

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?