Hello Everyone, We have deployed two cisco virtual FTDs on our environment and configure them as HA. Those firewalls are connected with core switch over ospf and they are working seamlessly. However when the standby unit become active it will lose t...
Forum Posts
Resolved! FTD to remote FMC register problem
i am trying to register my FTD to my remote FMC by this guide with manual methodhttps://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc-remote.html#task_imq_yw3_b3bbut when i am adding my FTD to FMC i go...
I have about 50 nats most are (inside,outside) object-group network1 object-group network1 dest remobject-group network1 object-group network1 I need to add at least 50 nats above these. I need to do a:nat (inside, outside) 1.1.1.1 2.2.2.1 dest r...
Hello,I am hoping to get some help in deploying HA with FTD 2140 devices. We recently upgraded to 7.4.2.1 (build30). Since the upgrade, the HA pair went into Active/Active and I have not been able to correct the issue. I forced the HA to break. When ...
I need to create an ACL (or multiple ACLs) on my FTD2130 to allow hosts to the huge list of IPs and URLs required for Office365 (located here: https://support.content.office.net/en-us/static/O365IPAddresses.xml ) How can I do this automatically/scr...
Hello, We are using access point cisco air-ap1815i-i-k9 that are connected to our network and controlled by controller of same model, we configure a RADIUS parameter in WLAN (SSID) settings, we tested the cisco controller with the RADIUS server and t...
Hi everyone,I’m working with an architecture that includes two 3110 chassis, each hosting three instances. The instances are configured in an active/standby HA setup. However, I’ve noticed that when all three instances are running on the same chassis...
Hi Community,I have FMC with L7 IPS license outdated, so I could not deploy my rules down to my FPR,I've been told I could deploy rules by closing all L4-L7 functions.Where could I check if all of L4-L7 functions was close?BTW, I've found a settings ...
I have an architecture with two 3110 chassis, each with 3 instances. These instances are in active/standby HA, and when I have all three instances on the same chassis, the memory of Snort 3 increases, and we start having issues with the applications....
HiI have a 2 ASA 5555X and firepower module run on this ASA, and manage through FMC.I want to change the IP modules and FMC, but I realized it's a risk.Please give me the best solution to change the IP.
Hi Team, We are currently encountering an unusual issue within our network. According to the traces conducted at the servers, it appears that the TCP RESET packet sent by the Source Server is not being received by the Destination Server. It is not...
Resolved! Default action to FTD
Hi to everybody,It is not so clear to me what the discovery default action does. I am asking this because my last rule is deny from outside to inside. Therefore i suppose that the FTD does not pass to the default action that is below the all deny rul...
Hello Community,I am currently facing an issue with my FMC, where my L7 IPS license has expired, preventing me from deploying my rules to the FPR. I’ve heard that I could potentially deploy the rules by disabling all L4-L7 functions.Where can I check...
Hi all,I have LDAP and Radius external authentication methods setup for some admin-user to login in my FMC. I can see these users are visible in system > user list but just as external, there is no detail about what authentication method used for the...
We would like to know weather Cisco Firepower IPS & Broadcom ATP CAS uses Oracle Java SDK or JRE or not? If yes, Does ArcSight bundle the Java license together? (does it come bundle with the product or require any additional license) As far as I unde...
