Network Security

FMC REST API - Health Metrics

Hi all, is there any detailed documentation for FMC REST API GET call /api/fmc_config/v1/domain/{domainUUID}/health/metrics which can get health statistics? The documentation mentions metric -- "name of the prometheus metric to be queried" however, t...

block access to my RA VPN

i need to block access to my RA VPN using the IP i need this VPN to be accessed via the URL what i mean that i have an FTD 2110 with RA VPNusers can access the Web page of the VPN using both IP of the outside interface and the URL i need to force use...

Resolved! Why use Permit ip any

Hi guys, I found the configuration of a ASA 5525 strange to me. I can't understand why there's Permit ip any any at the end of ACL, as follows: access-list DMZ_access_in extended permit tcp object SRV_SYSLOG eq 6514 object SRV_MC eq 6514 access-l...

Resolved! Firepower Threat Defense 7.2.8 vs 7.4.2

Hello, sorry if this has been asked before but it has become more difficult to find information lately. My Firepower 1010 appliance is using FTD 7.2.8 which is listed as the suggested release. I have the Threat license installed. It is a standalon...

NAC Client for Snow Leopard?

Apparently, Snow Leopard doesn't work with the current NAC client. Any word on when Cisco will release a working NAC client for Snow Leopard?

Blocking TikTok app on Firepower 2140

The 2140s are managed by FMC.In my ACPs, I have a policy for blocking. In this policy, the main components it is blocking are URLs. We have all the default groups that should be blocked. And we also have a custom list of URLs that we block to. This l...

Resolved! Setup / Enable TFTP ASA 5525x

Hi,I received help from @Rob Ingram yday regarding ASDM upgrade. Which was a tremendous success, thank you ...!However, today, after I did all that, I had to revert back to a previous ASDM version to work with certain computers on out network. Now I...

Network Discovery and Correlation with Scan New Host

I just implemented a correlation policy to scan New Host Discovered and Unknown Operating System rules using NMAP. I have a test box in the network protected by FTD. To test the policy, I deleted the test box host record then started generating traff...

Resolved! 0 out of 50000 FireSIGHT host licenses remaining

Is it true I can’t use Firepower1010 as Firewall without a Web Server?

I intend to purchase and add a Cisco Firepower 1010 in my network as a Firewall. However, through Google search, I found a buyer’s product review comment on eBay.com that “The Cisco 1010 firewall is a router/dependent firewall, that only provides a ...

FTD NAT Issue on UDP port 500

Hi Team.I have a host on LAN that is trying to build IPSEC VPN with remote site.I am using Dynamic PAT for all traffic.I believe it should work.But interestingly, I see all traffic getting NAT but not UDP 500.Any idea why? Ideally i want UDP 500 and ...

Queries regarding ASA5545-X

ASA Version: 9.6(4)41ASDM Version: 7.15(1)150 There’s are few enquiries about ASA5545-X Firewall1. Does ASA support wildcard mask?2. Does ASA firewall support FQDN? Any limitation? Any KB related to above queries?

FPR 1010 ASA / unregistered itself after moving it to another location

Hello everyone;I have recently been contracted to deploy CISCO Fire Power 1010 ASA, so I normally register them from the office, then move them to the sites where they are supposed to be deployed, but then I experience that, after registering the dev...

ACL, Allowing and Denying

Greetings,I hope to help you clarify the concept of (ACL, Allowing and Denying).I have a Cloud portal where I hosted Two Servers, and the support team added a section for me (Firewall), which is just an ACL.SRV1 IP: 20.200.92.20SRV2 IP: 20.200.108.10...

Resolved! Cisco Secure Firewall File Policy exclude Windows Updates

Hello,I'm trying to configure Cisco Secure Firewall ACP File Policy to exclude Windows Updates from being scanned. I inserted an ACP rule just above the rule with the File Policy. It simply allows traffic to Microsoft Updates or Windows Updates with ...

Network Security

Forum Posts

FMC REST API - Health Metrics

block access to my RA VPN

Resolved! Why use Permit ip any

Resolved! Firepower Threat Defense 7.2.8 vs 7.4.2

NAC Client for Snow Leopard?

Blocking TikTok app on Firepower 2140

Resolved! Setup / Enable TFTP ASA 5525x

Network Discovery and Correlation with Scan New Host

Resolved! 0 out of 50000 FireSIGHT host licenses remaining

Is it true I can’t use Firepower1010 as Firewall without a Web Server?

FTD NAT Issue on UDP port 500

Queries regarding ASA5545-X

FPR 1010 ASA / unregistered itself after moving it to another location

ACL, Allowing and Denying

Resolved! Cisco Secure Firewall File Policy exclude Windows Updates

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Question on S2S Tunnel to Azure using FTD or Azure Native S2S

Setting out TCP MSS on FTD only for non-ipsec endpoints

Cisco Stealthwatch ipfix exporter

FMC - Error mesasge: Unable to reach Cisco Cloud from the device

CISCO FXOS Upgrade - API

FTD 2130 HA Pair - FMC - sftunnel CA expired - Fix options

How often does IPS update on Firepower devices

ASA Nat re-order, renumber, existing nats, add new ones

HA pair in Active/Active. Cannot deploy policy

FMC Management Center is out of compliance.