in EVE-NG I simulated a simple network environment with an FMC (6.4.0-113) and two FTD in cluster (6.4.0-102). I also added two PCs in order to test the security policies and the traffic works as I expected: I created this LAB in order to replicate a...
Hi, I have two site as below. Site 2 is the backup of site1. They connect via site to site vpn tunnel. LAN-1 and LAN-2 can talk with each other well.I set up AnyConnect for Site 1, AAA is from Microsoft AD at LAN-1. It works well.Now I am trying to...
Hi all, I can access but cant ping the host falling in different sub interfaces of Cisco Asa. Pls find below configuration and let me know what im missing. ALso im getting the below logs when im trying to ping host if between subinterfaces Built {in...
Hi,I thought could be useful to have the URL Filtering categories descriptions. Here URL categories feed used by Cisco Firepower/Firesight: http://www.brightcloud.com/tools/change-request-url-categorization.php#catdescription Hope this help,Dominic. ...
in Cisco ASA all VPN users accessing FW and servers using Cisco any connect with a specific URLI have changed URL which is recorded in Goddady, but once I connect the message shows certificate untrust , there are some CA certificate in ASA for old ...
How to find High Bandwidth Consumed Traffic from a Certain User. For I want find for a source what is the top ip that used / consumed high bandwidth within a certain time from FMC. Looking for some tips.
Hi, I need to set up FTD as answer-only for VPN site to site tunnel. I use FMC to set up. I could not find a place to do that, could you help? Thanks Loc
Hi all, I want to test my IPS Appliance Firepower 7120 whether can raech to my Syslog server in different subnet by using Ping. So, I ssh into the Appliance but I cannot find a way to exceute the Ping command. Below is the information on the Applianc...
Created a new vpn policy the other day and pushed it to a pair of appliances, but when i did the deploy failed and as a result faced an outage briefly on the network. Modified the configuration, redeployed but same results (failed plus an outage). ...
HICab anyone tell me whats causing the below please and possible fix . also below warnings are some tests I ran which were succesfulThanks May 13 07:29:36 CFMC-01 SF-IMS[12342]: [12363] CloudAgent:IPReputation [INFO] The curl option for ip verify_p...
Hi all, Im unable to block Youtube over Chrome, however Firefox and Internet explorer are blocking it. Following are the SSL and ACP snaps for you. Please assist.
Hi Team, We've setup a temporary FMC on Google cloud to migrate from 5525 ASA to Firepower FTD, the configuration has been migrated successfully via the migration tool. However, we are unable to deploy the policies onto the FTD. Please see the atta...
I've been asked to gather documentation that proves that automatic snort downloads that are scheduled are checked via FMC prior to being downloaded. They are asking to see if the hash is checked prior to installing the new .vrt file into FMC. Can any...
Hello So I am having some issues deploying NAT... My FPR1010 has a WAN (outside) IP 207.108.121.X which has a LAN (inside) 192.168.1.0.I have NAT on INSIDE for an Internal Network (connected to a SG550) which is 192.168.5.1-192.168.5.55The 192.168.1....
Hello, we are testing SAML authentication and we can't get certificate authentication to work.Currently, we are using AAA + Certificate authentication. we are on version 9.17(1) with an Anyconnect client on version 4.10.0208 There is an incompatibi...
