Network Security

Radius authentication timeout

Dear Community,We are trying to get Radius authentication to work for one of our ASA´s.It is working for every ASA except ASA1.following structure is given:ASA1:GigabitEthernet0/1nameif transfer-ASA1-ASA2security-level 10ip address 194.1.1.1 255.255....

Is there a way to see if your encrypting specific packets?

This is a site-to-site IPSEC tunnel. Everything looks good, including the packet capture but the packets aren't seen on the far end on their packet capture (the other company on the other side of the tunnel). Both sides are using Cisco FTD's. How ...

WCCP Redirection on FTD 2130

Hello All,Has anyone configured transparent WCCP redirection on Cisco FTD managed by FMC?I need to migrate this ASA WCCP configuration to FTD Flexconfigwccp web-cachewccp 70wccp 80wccp 90wccp 91wccp 93 redirect-list WCCP-FORWARD group-list wccp-serv...

FMC login page hung at "System processes are starting, please wait." Remained hung over night

Login page hung saying system processes are starting... it's been hours...gui status follows... admin@Sourcefire3d: sudo pmtool status | grep -i guimysqld (system,gui,mysql) - Running 3853httpsd (system,gui) - Running 3856sybase_arbiter (system,gui)...

Resolved! IPs that are blocked by policy, still able to make VPN attempts

FP1010 locally managedI have a policy at the top of my list blocking certain IPsHowever, I see in the logs that IPs on that list are still able to make remote access attempts via WebVPN and get rejected because the user doesn't exist.Why are they eve...

Resolved! Cisco FTD lost connection to FMC, what will happen to the IPS eventlog

lets say FMC down for 1 day, after FMC up, will the 1 day event send back to FMC? will it have any datalost?

Resolved! Need ASA control-plane ACL's. 2 outside interfaces to block bad actors

Need to setup control plane blocks for two OUTSIDE interfaces.Only have production ASA's running 9.1.x so can't "try it out".Will the below work, or is there an easier method?BLCKCOUNTRY is an object group (not shown) with 200 subnets to block.10.11....

Process Status sfhassd exited n time(s)." with snort3 deployment

How can we disable sfhassd on FTD. Getting continuous alerts. FTD version is 7.2.5 and FMC is 7.4

FTD NAC L2 Block not working

I have configured a rule in the Default NAC that is supposed to block a Layer 7 protocol application. When I analyze hit counts, it shows the rule has been matched. And when I analyze connection events, the traffic is showing as dropped. This is the ...

ASA FirePOWER Services Software Module stuck in Init

Dear members, I just logged on to the firepower management center and noticed that its failing deployment for the below firewall and after taking deeper look I noticed the SFR is stuck in Init mode. I tried to reset, shutdown and reload with no succe...

Resolved! Firepower - Max ACL Limits

Hello, What are the ACL limits on the Firepower family running ASA code? I've found documentation regarding the ASA hardware family but nothing related to the new Firepower appliances. I suppose the limitations would be much higher because of the a...

High CPU due to packet capture

Hi,IF we do not remove packet capture on ASA does it cause CPU to spike?Regards,Krishna

Enable SNMP for monitoring chassis in FPR 3110 with ASA 9.17

I have firewall FPR 3110 with ASA 9.17, but when I try to do a commit buffer in FXOS mode, a error apear: Error: commit disabled while in appliance mode cisco asa. How can I solve this problem to enable the OIDs to monitor chassis characteristics and...

Resolved! Giving another VLAN access to a VTI tunnel on an ASA

Hey Guys,I have got a problem with a VTI site to site tunnel we created between two ASA's.The VTI tunnel is up and running and we can use it to access the other site, however on site B we have an extra VLAN which also need access to the subnet on the...

Format of FMC logs

Hi All,in which format we can send logs to any syslog server from FMC4700 version 7.1?Also what are the different type of logs can be Sent to syslog from FMC?

Network Security

Forum Posts

Radius authentication timeout

Is there a way to see if your encrypting specific packets?

WCCP Redirection on FTD 2130

FMC login page hung at "System processes are starting, please wait." Remained hung over night

Resolved! IPs that are blocked by policy, still able to make VPN attempts

Resolved! Cisco FTD lost connection to FMC, what will happen to the IPS eventlog

Resolved! Need ASA control-plane ACL's. 2 outside interfaces to block bad actors

Process Status sfhassd exited n time(s)." with snort3 deployment

FTD NAC L2 Block not working

ASA FirePOWER Services Software Module stuck in Init

Resolved! Firepower - Max ACL Limits

High CPU due to packet capture

Enable SNMP for monitoring chassis in FPR 3110 with ASA 9.17

Resolved! Giving another VLAN access to a VTI tunnel on an ASA

Format of FMC logs

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

FMC 1600 w/FTD 2120 License

Cisco ASDM-Remove software Oracle JDK and change to Open JDK

Troubleshooting Port Authentication with NPS Error code 22

How to unmount nfs remote storage if no longer needed - cli

Scheduled backup of ASA multicontext configuration

Cisco 1120 upgrade question

ASA5525 import/migrate NAT rules to Secure Firewall 3100

anyconnect vpn failed attempt logs

SFP Down on FPR 4100

FTD Route based VPN Question