I try to migrate ASA 5555-X with 9.14(3) to Firepower 2130 with ASA image. Is best to do more system:running configue and copy and paste the config to the new firewall or better to do backup and restore from the ASDM?I'm worry that if doing copy and...
Forum Posts
Hi, just started hearing about CVE-2022-22963 "Remote code execution in Spring Cloud Function by malicious Spring Expression" (https://tanzu.vmware.com/security/cve-2022-22963). Has Cisco made any statement regarding which products are affected and w...
Hi,Anyone else come across this issue? I've not found it detailed anywhere. We're on 6.6.5.1 (build 15) is it fixed it later builds?When POSTing an ICMP object in the FMC if you use a blank string in the icmpCode field it breaks the API. A GET reques...
So I'm new to FMC and I'm trying to get a grip on how things work. I have an intrusion alert that keeps coming up. "HI_CLIENT_DOUBLE_DECODE (119:2:1)"Problem is, it keeps alerting on non-malicious traffic (all internal traffic). How do I turn off thi...
Resolved! Vulnerability in router C2921
Hi We have a router C2921. When tenable scan vulnerability, we got the following info. Not sure if its vpn configuration issue. Anyone can provide suggestions to resolve it? Thank you of a VPN gateway and gain unauthorized access to private networks....
We recently updated FMC and our FTD's to code 7.x. Are we able to build rules using MAC addresses yet?
Resolved! FTDv evaluation in FMC
Hi community,Is it possible to force FTD virtual that's managed over FMC be in evaluation mode or consume evaluation license from CSSM On-prem while other FTDs managed over FMC are running and consuming threat / url / malware licenses already? Thank...
We had a Cisco ASAV Standard Package virtual appliance installed in our AWS environment and there does not seem to be any available way to obtain the latest software OS to update the OS/firmware. It requires you to have access via Cisco.com to downl...
Resolved! ASA-AWS firmware version upgrade
How can I upgrade the firmware version of an ASAv running in AWS? I don't want to rebuild a new instance from scratch. So, is there a way to proceed with a simple upgrade CURRENT RUNNING VERSION = 9.6.2.1AWS AMI LATEST VERSION = 9.9.1.2 We have a...
Hi,I have two separate local network (old and new) and I put Cisco Asa between them. "New" network is inside network and "Old" network is outside network and I allow access for all subnet from new to old.Now, I want allow access from one host from ou...
Resolved! Allowing Ports to a host in cisco asa
Newbie question, please help.access-list OUTSIDE extended permit tcp any host 10.1.1.5 eq www This command will allow outside host to access internal host with the corresponding ip using the port 80, is that correct? Thanks in advance.
Hi all,I have a 4321 router that functions as a ZFW. I have configured zonesGi0/0/1 --> insideGi0/0/0.1 --> TEST. The TEST zone has dhcp relay commands configured, but I cannot get any end device behind the TEST zone get an IP address via our DHCP se...
Is it possible for me to set up two-step verification for my Cisco RV325 router?
Resolved! SubInterfaces on an ASA
Is best practice still to either tag nothing or tag everything on an interface on the ASA? As in, either leave it as an untagged and then pick the appropriate vlan on the downstream switch: GigabitEthernet0/2nameif insidesecurity-level 100ip address...
Dear sir, I need to upgrade openssh on cisco fire linux os, because founded vulnerability.but yum update, apt-get command is not heard.please inform me that how to upgrade openssh. My fmc os and openssh version as below. thanks,
