Network Security

ASAv Azure: VPN client traffic doesn't pass unless hide NAT to inside

We have an ASAv deployed in Azure, running code 9.14(2)15 . For the record, this ASAv was deployed by a consultant, not me originally. The inside and outside interfaces sit in the same Azure vnet, I believe this has to be the case? We have a publi...

Resolved! ASA 5516x replacement with FTD 2130 Site to Site VPN Question

I have an existing ASA 5516X in a remote office doing an "extranet" vpn tunnel to my main office FTD 2130 via FMC. main 192.168.3.0/24 <-> 192.168.20.0/24 remote I have a new FTD 2130 I'm going to use to replace the 5516X It is managed and I can dep...

ASA to FTD Migration - the selected device config mode is not same as

Hi,I am migrating from ASA to FTD with the help of FirePower Migration Tool.I fetched the startup-config from FTD and manually parsed.The FMC is connected successfully and it detected the FTD but when selecting the FTD, it says"the selected device co...

Firepower 2110 boots to ROMMON and couple other questions

I have a Firepower 2110 connected to a 3850 switch with an access port. I have FMC on a VM on the switch that my Firepower is connected to. Overnight, I don't turn off the switch its connected to and it will seemingly boot to ROMMON mode. I have n...

ASA 5525 Alarm

When i run command show controller pci. I get the below, How do i fix this. 1.) System is not fully operational - The PCI device with vendor ID: 0x1000 (LSI) device ID: 0x0a05 (Accelerator) could not be found in the system.

SKU For ordering ASA software to FTD software no-cost license

Hello community,As per the subject, we are about to order a pair of FPR1140 with ASA software/license. But the question came up what if we want migrate to FTD software later in the future? So I understand there is an zero cost SKU for the conversion ...

FMC - URL Filtering download failure

Customer produce FMC v.6.4.0.7.There are 2 devices connected -first - HA bundle of 2 FPR2130 (FTD) - License: Base, Threat, AC Plussecond - ASA5515 (FTD image) - License BaseThe FMC reported errorURL Filtering Monitor - URL Filtering Download Failure...

Unable to see proxy arp working for a staic nat entry on Cisco ASA

Hi GuysI have an HA pair of ASA5508 firewalls and I am having trouble getting a simple static Nat statement working.I am unable to see any traffic towards the interface VIP hitting my outside interface of the firewall. I have run a capture for arp sp...

Resolved! firepower 1150 with F5 load balancer

Dears,I have 2 firepower 1150 will be configured as HV. i need to connect with f5 load balancer. my quation is where to put F5 before the firewall nd facing internet or after my firewall? i will put my servers in DMZ

Managing ASA over VPN

As the title says, I have a VPN ikev2 tunnel from a Fortigate to a Cisco ASA, but the snmp/ping anything doesnt work on the inside. Also I saw in Forti logging that the traffic is going over tunnel, but on the ASA I don't see any packets on sh cry ip...

Switch Data Attacks

Hello, We have cisco sg300 switches (switched network/ LAN), and we are collecting interface statistics data such as in/out octet, unicast, multicast and broadcast for each switch and each port of the switch.Can we detect sniffing attack on the switc...

Resolved! Cisco FTD Various Logging Configuration Differences

Hi Guys, I hope you are doing fine. I have a question regarding Logging configuration in FTD. As you may have observed, in Policy section there are two possibilities where you can edit Loggings:1- Policy > Access Control > Logging2- In each specific ...

ASA firepower SSL decryption rule behavior not as expected

I have several servers that use the same wildcard cert so I created a network group object that includes all these servers. In the SSL policy I reference the group object in a "decrypt - known key" rule. This worked pretty well until one of the se...

Talos reputation monitoring

Hi all, I am interested to monitoring the reputation of some IP that we use to send mails.Is there any API or some way to get the reputation that can be consulted from cisco talos to monitor it?We think in take the parameter (good, neutral or poor) f...

Firepower 1120 - ERROR: CP 0x84 MemoryTest() failures detected !!

Good Day Techs Reaching out for some advice We are getting error on one of our firewall: ERROR: CP 0x84 Memory Test() failures detected !!ERROR: Memory Test() Inspect DIMM !! Wondering if it is worthwhile to try to reseat the memory module? Or contac...

Network Security

Forum Posts

ASAv Azure: VPN client traffic doesn't pass unless hide NAT to inside

Resolved! ASA 5516x replacement with FTD 2130 Site to Site VPN Question

ASA to FTD Migration - the selected device config mode is not same as

Firepower 2110 boots to ROMMON and couple other questions

ASA 5525 Alarm

SKU For ordering ASA software to FTD software no-cost license

FMC - URL Filtering download failure

Unable to see proxy arp working for a staic nat entry on Cisco ASA

Resolved! firepower 1150 with F5 load balancer

Managing ASA over VPN

Switch Data Attacks

Resolved! Cisco FTD Various Logging Configuration Differences

ASA firepower SSL decryption rule behavior not as expected

Talos reputation monitoring

Firepower 1120 - ERROR: CP 0x84 MemoryTest() failures detected !!

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Announcing the release of Firewall Migration Tool Version 7.7.10

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

Yubikey for authentication to protected applications on FTD

CSF 1210 CE FTD Event viewer problem

cFMC and event logging - Cannot change timerange

Application PBR in FDM

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?