Hello Dears We have Firepower (FMC and FTD) , Our ISP gave us a Private IP (10.1.1.10) and and 2 Pubic IPs (2.1.1.1 + 2.1.1.2 )our default gateway is VRRP (10.1.1.1) I will translate (2.1.1.1 ) to our server in DMZ But I don't know how to assign...
Forum Posts
Discuss the consequences if connection failsa)Five device arranged in mesh topologyb)Five device arranged in star topologyc)Five device arranged in ring topologyd)Five device arranged in bus topology
I have firewall i am reviewing for migration that has outside and backup interface with a trace applied and metric for priority it looks like. I SSH'd in and ran "Show Failover" and the command output stated requires failover license? Am I ok to assu...
Hi everyone, I had FTD HA with two devices. The primary device broke two days ago. Now got a replacement device through RMA and want to restore HA. According to the guide (https://www.cisco.com/c/en/us/support/docs/security/firepower-management-cente...
I have upcoming project where remote user VPN's connect to a tail site A and also can access multiple other tail sites (B, C, C ) using Outside Crypto Map off of tail site A. I believe this is referred to as hair pinning over VPN. I am very stressed ...
Resolved! ASA 5525-X licence activation
Good eveningI have a little problem for activating the ASA 5525-X ips license. I would like an explanation please. I installed the FMC platform to manage my ASA 5525-x with IPS module. I bought the FMC and ips licenses but I received only one PAK and...
Hello everybody, I have downloaded FMC 7.0.1 from CCO and started the virtual machine on VMware ESXi 7.0.1. After a longer time of the boot process I got the login prompt and entered the default login admin/Admin123 but it was not accepted (see att...
Hello Just checking whether it would be possible to have the FMC integrated to another standalone ISE node (acting as its own PAN/MnT/pxGrid) I think the answer is 'no' since I had a look on my own FMC and even though I can specify two pxGrid no...
Resolved! ISE-PIC integration with FMC 7.0.1.1
Hi, Anyone can help on how to integrate ISE-PIC to my FMC step by step if possible? I have already added probes and it is working now but i have trouble configuring the ISE-PIC to FMC especially the certificate part which is kind of complex. also i ...
Hi Team, Could you please guide me the steps to edit the Object-group name in the cisco ASA 5506 Firewall ? ASA Software Version 9.8(4)43 ASA01(config)# object-group network o365-Skype rename teams ...
I am doing a migration of existing HQ and Tail site ASA;s primarily 5506-X to new FTD 1010's managed by FMC 6.6.5. I was curious as to how the best approach would be. In the past I manually went through all ASA;s and documented all the network\servic...
Hi Experts, I am attempting to setup the following on an Firepower managed by FDM. All the OSPF settings have been replicated except "redistribute static subnets". I've tried and observed that after enabling only "redistribute static subnets" and s...
Resolved! Policy-based IPSec with Azure
Does anybody ever experience an issue with a policy-based tunnel between ASA ASA5525 (9.12(4)18) and Azure? We have tried the standard ikev2 configuration, even when the tunnel comes up it goes down sporadically, with ikev1 the tunnel doesn't even co...
Hi, In an emergency situation where a firepower device has a corrupted drive. Is it possible to use a physically compatible drive as a replacement instead of ordering a direct replacement from Cisco or vendors? Thank you.
Resolved! Anyconnect Plus licenses
I have purchased Anyconnect Plus licensing on behalf of customer for upcoming firepower project for FTD 1010's. I didn't really think it through until now but I have 4 FTD 1010's and I am wondering is if users at these tail sites will be able to use ...
