Network Security

How to search FMC ACLs for an included IP address

Hello! Hopefully this is an easy question. In ASDM, I was able to search the ACLs for an IP address. It provided the option to search for "included". In other words if I were to search for 192.168.1.12 and there was an ACL that had 192.168.1.0/24, it...

Resolved! Licensing needed to go HA on fpr 2100 series ?

Already have a fpr2110 up and running, would like to add another to go HA (active/ standby or active/active). What additional non-standard licensing is required?Also, can my 2nd unit be a more powerful appliance, for example a fpr2120? Thank you in...

Unable to access ASDM on ASA5510

We have now been unable to access the ASDM on our HA Pair 5510's from any of your previously working Windows 10 PC's. If we try via the ASDM client we get the error "unable to launch device manager" and if we try and launch thru IE we get error belo...

Resolved! Intrusion Policy Firepower Recommendations question

Community,When Firepower Recommendations are enabled in the Intrusion Policy, are these recommendations generated based on the results of the Network Discovery Policy? If not, how are they generated? Thank you.

API - Open close ports with script

We have Fire Power FMC. I know they have and api, but I am having trouble finding some direction. I would like to have a NAS behind one interface that replicates with our backup system. However, I want to open the connection only for replication. ...

FMC 750 Login Banner Issue

Team I am unable to see Banner PoPing up on FMC gui when we log in its just when you type the URL https://x.x.x.x it just show up in the browser window on the initial page where username & Password we need to add I need to see Banner pop up when we e...

TACACS configuration question

Is there anything wrong (or missing) with the sample TACACS config below? And does it matter what order the commands are entered? In config docs, I've seen so many variations of tacacs config that it's making my head spin so I'm trying to make sense ...

Resolved! Upgrade FMCv device licence

Currently have a FMCv with a 2 device licence of which both licences are consumed. Customer now wants to add in a third Firepower managed device which will obviously take it over the device limit. I know that I am unable to "stack" up 2x 2 device lic...

Resolved! Block URLs using ASDM

I would like to use ASDM to block my users from accessing certain websites. I am using ASDM 7.9 on ASA 5508. For instance, a url like Facebook, has multiple IP addresses. Any suggestions? Thank you.

Resolved! Firepower 4110 (6.6.0) - Error message: High unmanaged disk usage on /ngfw

Hello everybody, newly our customer get the error message in teh FMC Health Monitor: High unmanaged disk usage on /ngfw /ngfw using 85%: 106G (20G Avail) of 126Gon both Firepower 4110 of a HA pair (see attached screen dump). My questions:1.) What can...

Load balancing using Cisco Asa Firewall

Hello All, Please check attached Diagram. Have two ISP Connection connected to Cisco Asa Firewall. Basically i want my subnet 172.16.1.0/24, 172.18.2.0/24 traffic should go via ISP1 and only subnet 172.21.20.0/24 traffic should go via ISP2. Is it a...

Resolved! Firewall queries

Hi All,QN1.I have a network object 10.0.0.0/8 and it is added to "my-internal-ip network" object group.in ASDM i can check where this policy is used and policy number.similary , is there any way to check in CLI for the above asked details. QN2 .i hav...

Confusion about File/Malware protection on FMC/FTD

I guess I have some main confusions related to the File/Malware inspection/protection feature on FMC/FTD: 1. From FMC Configuration Guide for File policies and advanced malware protection here: "A policy can include multiple rules. When you create th...

ASA Local DNS resolution Entry for SSMS on Prem connection

Hello together, I want to connect our FP1010 (IOS 9.14.x) over VPN-Tunnel to our internal SSMS on Prem. Like this:https://ssms.mycompany.local/Transportgateway/services/DeviceRequestHandler But my DNS config is pointing to external: dns domain-lookup...

ASA 5516X w/ FTD, traffic being denied on interface nlp_int_tap from 169.254.1.2

Hello All,We have setup a new ASA 5516X running FTD 6.2.3.2, and have certain events being logged to an external syslog server. The ASA is sending events to our server every few seconds with events such as:%ASA-2-106006: Deny inbound UDP from 169.2...

Network Security

Forum Posts

How to search FMC ACLs for an included IP address

Resolved! Licensing needed to go HA on fpr 2100 series ?

Unable to access ASDM on ASA5510

Resolved! Intrusion Policy Firepower Recommendations question

API - Open close ports with script

FMC 750 Login Banner Issue

TACACS configuration question

Resolved! Upgrade FMCv device licence

Resolved! Block URLs using ASDM

Resolved! Firepower 4110 (6.6.0) - Error message: High unmanaged disk usage on /ngfw

Load balancing using Cisco Asa Firewall

Resolved! Firewall queries

Confusion about File/Malware protection on FMC/FTD

ASA Local DNS resolution Entry for SSMS on Prem connection

ASA 5516X w/ FTD, traffic being denied on interface nlp_int_tap from 169.254.1.2

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Cisco FPR-1010 always boot to FXOS mode

Cisco FTD portscan

ASA-AWS - EC2 IMDSv1 required for the PAYG license to be applied

how are blocking cookie and java be applied in real situation?

Comm test between subinterfaces and physical ports in ASA Firewall

Cisco ASA ACL and NAT for RDP through subinterface allow any

is this flow impossible?

DDOS and "Error processing payload: Payload ID: 1"

ASDM unable to login for v7.18(1)152

Logging Informational Configuration in Cisco ASA