Network Security

Resolved! Block IP

Hello, I have a pair of 2120 managed by FMC. I would like to block an IP that tries to connect to my vpn. I have fastpath policy and access policy I have put it in Security intelligence and it still passes to my authentication server, where it is bl...

Resolved! Cisco ASA - Difference in permit IP and permit tcp in extended ACL

Hi, I am coming from Juniper SRX and is very new to cisco and ASA. We have a new client and they have ASA firewalls. I am trying to understand the meaning and structure of these ACL statements. From what I gathered, structure for ACL statement will b...

Resolved! ASA ping comes back with ?

ASA was moved to new location. IP was changed, but users were unable to connect. Moved ASA back to original location, changed IP back to original - users still unable to connect When pinging ANY External IP - return code is '?' Nothing major was ...

Security Context License on Secondary/Standby ASA

hi,i got an active-standby pair of ASA 5555-X in multi context mode. we'll migrate to a new DC and plan is to remove and use the primary/active unit to the new DC and leave the secondary/standby running in the current DC to lessen the outage.the 100 ...

In the context of an ASA5500, what is the end of signature release date?

We are performing obsolescence on our system and I need to know when the ASA OS will no longer be maintained for security/vulnerabilities.

FirePower 1010 ASA - Cisco Smart Licensing chicken-&-egg situation

Trying to build a HA pair of FirePower 1010's running ASA software. Hit an issue with enabling failover without Smart Licensing being active.Issuing any failover command says 'ERROR: Command requires failover license'. I didn't have the same issue ...

Cisco ASA 5505 using cell phone internet connection

I know this an "out there" question, but I have a remote office that has a sketchy internet. I have seen that my asa can handle 2 internet connections in a failover type scenario. I am trying to use a Mifi (cell internet) connection as the backup int...

Resolved! Firepower Management Center virtual - Unable to download product updates

HII have a strange issue on my Firepower Management Center virtual.As shown attached picture, our FMC running software version 6.4.0.10He has a normal internet connection configured, and is registered with it's smartnet contract.I can install produc...

Resolved! Cisco ASA IPSEC VPN

Hi Do we have support for stateful failover of SITE to Site IPSEC tunnel on Multicontext mode.?I have pair of ASAs 5515-x with 9.8(2) i read the ASA Document...however still not clear. Guidelines for IPsec VPNsMulticontextContext Mode GuidelinesSupp...

Resolved! SFR license issue on FMC

Hi, would anyone please explain to me how to resolve unlicensed sfr devices issue?Issue: We have registered all premium features on the FMC with Cisco PLR license, then we added SFR modules to it expecting those will be licensed as well but still not...

FMC: How to whitelist a particular DNS request being dropped by “MALWARE-OTHER dns request with long host name segment - possible data exfiltration attempt”

Recently a particular DNS request is being dropped by the rule “MALWARE-OTHER dns request with long host name segment - possible data exfiltration attempt” and this is affecting our access to that external resource. We looked over that event packet i...

Resolved! FMC: Whitelisting connections from one IP to another IP does not work

In the Access Control Policy, we have mainly 2 rules in order: rule #1: Name: whitelist certain connections; Source Network: 192.168.1.5; Dest Network: 10.10.0.5; Action: Allow ("Drop when Inline" disabled)rule #2: Name: threat inspection; Source Net...

NAT pool transfer on Cisco ASA

We have Cisco ASA in "active-active" clusters , if there is a change of roles from master to slave (or vice versa) on any member of the cluster, there is a chance that the NAT pool ownership may not get transferred in the process. As a result, the ne...

Cisco ASA

Firepower ACP Intrusion Policy and Inspection

Dear Community, We have implemented Firepower 2140 FTD's in a routed/inline fashion. We would like to begin enabling Inspection on some of our ACP rules (starting with the Outside -> In Rules). However, we only want the Intrusion Policy to "monitor" ...

Network Security

Forum Posts

Resolved! Block IP

Resolved! Cisco ASA - Difference in permit IP and permit tcp in extended ACL

Resolved! ASA ping comes back with ?

Security Context License on Secondary/Standby ASA

In the context of an ASA5500, what is the end of signature release date?

FirePower 1010 ASA - Cisco Smart Licensing chicken-&-egg situation

Cisco ASA 5505 using cell phone internet connection

Resolved! Firepower Management Center virtual - Unable to download product updates

Resolved! Cisco ASA IPSEC VPN

Resolved! SFR license issue on FMC

FMC: How to whitelist a particular DNS request being dropped by “MALWARE-OTHER dns request with long host name segment - possible data exfiltration attempt”

Resolved! FMC: Whitelisting connections from one IP to another IP does not work

NAT pool transfer on Cisco ASA

Cisco ASA

Firepower ACP Intrusion Policy and Inspection

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Palo Alto to Cisco Migration Tool count_summary error

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

How to Specify a PAC File on FMC Policy for Secure Client

Import json file to FMC

cisco firepower management center virtual gui not shown

Downgrade FPR-1010

FTD interface showing "admin down"

FTD HA Configuration