Network Security

Resolved! Add FTD to FMC remotely

Hello. I know I must be missing some small detail, but I've been unable to connect a firepower 1010 device on 6.6.1 to my FMC remotely. I've read so many different instructions from so many different versions/people, but the vast majority are suggest...

Firepower 4110 intra-interface traffic

Hello Everyone,I have a scenario, where I have to manage the east-west traffic and I have only one inside interface for LAN. So is this possible the traffic enters and exits the same interface in FTD? if yes, then how can I achieve this.thanks.....

Resolved! PassiveID integration with ASA

Hi all, Just a quick general query, I'm looking at integrating PassiveID into our network (allowing firewall rules based on AD groups instead of IP) I can see this is possible via the FMC/FTD deployments but I can't find anything specific online whi...

Cisco FTD - Access control, Identity and NAT policy sequence

Hi All, If I have all three policies (Access control, Identity and NAT policy) in place on FTD in what order the incoming packet is handled and policies are applied? Also is it possible to change this order ? Thank you.

Resolved! ASA SFR module reimage 6.1

Reimage to 6.1 version in ASA sfr module in 5508-X. There is a pre-install package that i have to use in this installation but i dont know what have I to do with that file. Someone know the command to run this package or when I have to run it? Regard...

FIREPOWER 2120 NOT ACCESSIBLE USING IP

Hello, I need helpThe fire power 2120 can serve a dhcp ip to my laptop, but unfortunately i cannot access its GUI and I can not ping it either.When I try to connect ftdthrough FXOS, it says application not installed yet it was working well then it we...

Function of RADIUS for accounting

Hi As we know, RADIUS accounting is working for recording authentication status. How about authorization? such as what action or command the user use? I never see there is function configuration at RADIUS or ISE. How do you think about it? Thank you....

Resolved! For Re-image and Install new version ASA Firepower module

I was watching that in the list of downloads for software of asa firepower for 5508 devices have 3 files. so I read only the boot image and the system image that would be the following files: ASA FirePOWER module boot imageASA FirePOWER module instal...

Remove "inside" interface in ASA Context mode

hi,i got several "inside" interface that i needed to clean up in a multiple/context mode ASA.it's been years since i did this and just would like to confirm my thoughts.do i just remove or negate the subinterface under the 'system' context and all 'n...

Resolved! FMC Managing a cluster of Firewalls

Hi All, Looking for a little direction if possible. We have four Firepower firewalls along an edge at different locations sharing an ACL policy and NAT policy on the FMC. So we make a change in the policy, it is pushed to all four Firewalls. However,...

Cisco NGFW 2210 - VPN Client Issue

Looking for a solution to my issue: I have a Cisco NGFW 2110 running v6.6.1 and the VPN client had been working. Short story is I blew away the VPN config because users complained they had no access to the back-end resources after connecting. Now it'...

NAT&PAT

hello guys,i'm working on a NAT&PAT topology and the ping from PCs won't work (worked once) while i can ping from the server to the PCsm dropping here the file if anyone can help

ASA: Not getting Internet Access on the Server.

Hi All, I'm currently having issue where the System Admin is having difficulty in getting internet access. A rule was created on the Cisco ASA to allow internet access to the Server but the System Admin is not getting internet access but when we do t...

Resolved! ASA 5508 - Block IP addresses doing Proxy scans

Over the past several months, I've noticed a lot of login attempts from Foreign IP addresses trying to log into my Exchange server. The server is fully patched but I would like to block these IP's at the firewall so that they simply can't try the lo...

Change clock in ISE without impacting existing device admin via TACACS

My ISE cube is made up of two nodes. I just enabled device admin to manage a few switches/routers via TACACS and it is working as expected. However, I noticed the system clock in ISE is different to the one of the routers/switches and to that of the ...

Network Security

Forum Posts

Resolved! Add FTD to FMC remotely

Firepower 4110 intra-interface traffic

Resolved! PassiveID integration with ASA

Cisco FTD - Access control, Identity and NAT policy sequence

Resolved! ASA SFR module reimage 6.1

FIREPOWER 2120 NOT ACCESSIBLE USING IP

Function of RADIUS for accounting

Resolved! For Re-image and Install new version ASA Firepower module

Remove "inside" interface in ASA Context mode

Resolved! FMC Managing a cluster of Firewalls

Cisco NGFW 2210 - VPN Client Issue

NAT&PAT

ASA: Not getting Internet Access on the Server.

Resolved! ASA 5508 - Block IP addresses doing Proxy scans

Change clock in ISE without impacting existing device admin via TACACS

FMC 7.4.2.1: Missing active sessions in Remote Access VPN dashboard

FTD not recovering RADIUS server down

FMC 7.4.2.1-30 unsets/sets DNS domain-name every day

Cisco FTD SNMP OIDs for Site-to-Site and Remote Access VPN

WCCP Flex config Fails

Firepower 1120 has wrong (falcon demo) license active

L-CSF1230-TMC-3Y 's TOP SKU

FMC error has unknown CPU number

Cisco FirePower

keep security zone on FMC