Hello!I would like to know if Firepower Services Module will work with ASA Active/Active setup? Ideally it should as when we add it to FMC for ASA Active/Standby it works as 2 separate independent modules. If anyone has seen this setup, please share ...
Dear Community, I want to implement IPS on some ACP rules but had a few questions before doing so: 1) The documentation states the following regarding the Network Analysis Policy: "By default, the system-provided Balanced Security and Connectivity ne...
I have 2 firewalls, one functions fine, the other hangs when typing some commands that could contain hostnames.
Here are the 2x configs for DNS.
FAST ASA:
ASA-A# show run dns
dns domain-lookup outside
DNS server-group DefaultDNS
name-server...
Hello, When managing a FPR4115 with multitennancy how does the FMC license count work. Is it: a. 2 licenses for the two FWs in the HA setup b. 14 licenses for the 7 instances per FW each I can´t find a license count doc the describes this. Thanks B...
Hello,We have a firepower sfr module that we can't access via ssh or via the ASA cli and I suspect that we need to do a reimage.I have done reimage of sfr modules on smaller ASA models before, but I believe it's a bit different on the ASA 5585-X. The...
Kind of an odd thing. We just had a vulnerability scan and a 2960 got pinged for supporting medium strength SSL cipher suites. I say strange cause I have 3 others that have the same IOS image and they didn't get pinged. Swap out the management IP ...
Hello, I have a HA pair of FTD managed by FMC I have prefilter policy and I created a new rule.The traffic though is not hitting this ruleIt is initiated by DMZ and goes to inside and has NFS port I have other rules that are working ok in this zon...
When I attempt to ping my DC’s FQDN from my Firepower 1140 it resolves to an external IP address owned by Google.When I attempt to ping my DC’s FQDN from a client it resolves to the correct inside IP address.The FQDN form my DC is registered the IP a...
We have a standalone ASA 5508-X running FTD 6.2 that we want to upgrade to 6.6. I don't have problems upgrading ASA firmware or FTDs through FMC or CDO, but I've been searching through documentation to upgrade to a later FTD version for an hour, and ...
Hey all, I'm having some issues viewing any Netflow connections being sent to an FTD and think something got broken in 6.6. I have a single Passive port on a FP2110 in my "Netflow" zone connected to an ISR4331. That ISR is sending Netflow data with...
We have an ASAv configured in AWS. It keeps crashing periodically and I'm trying to determine the cause. Version: Cisco Adaptive Security Appliance Software Version 9.6(4) I've attached the "show crashinfo" output. Can somebody please assist?
If Switches flood arp requests on the entire network , then if we keep pinging an invalid ip address which is supposed to be on the network , then arp frames will be flooded all over the network. Which can cause a DDOS.Why does this occur and how do ...
Hello, Can anyone tell me when the Cisco will stop issueing software updates for the ASA 5585-X platform (ASA5585-SSP-40 and ASA5585-S40-2A-K9)? I've seen the EoS announcement (https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-serie...
Dear Team,Software Version-ASA 5516X-9.9-FTD(2140)-6.6-FMC-6.6-Migration Tool:2.3.5Could you please help me out on below queries ?-is SSL VPN or AnyConnect VPN is supported during Migration from ASA to FTD-is SSL VPN's Object, NAT, ACL,certificates m...
