Hello all, I am following this article here: https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html I am attempting to install Firepower services on my ASA 5515-X. The exact image I am using is ...
Forum Posts
I have a HA pair of ASA5515-X's running 9.12(4)29. I have noticed that there is a discrepancy in the licenses between the two ASA's. The primary has AnyConnect for Mobile disabled and the secondary has it enabled. All the other license features ar...
Using Firepower with ASA code. I would like some users to not enter config mode on the firewall. We have RADIUS with privilege level 7, which cannot enter config mode on routers on switches. But the same users can enter config mode (and make changes)...
Helo, Is there any way to configure management interface for transparent security context on ASA service module C6500?Or at least, is it possible to send syslog from this context?
We are thinking of using Firepower's Geolocation database to block all incoming IP traffic from both China and Russia. My organization has no business dealing with any of those countries. That is not to say we do not see any traffic already blocked f...
Resolved! FTD virtual management
Hello, I have FTDv with Firepower and it's connected to FMC - VMware appliance - On the VMware side it says VMware tools not installed - I checked on FMC I can only see the option to install VMware tools on FMCv instance itself and not the FTDv manag...
Resolved! Upgrade FMCv 6.6.5 -> 6.7.0-65
Good day, community. I attempt to upgrade our FMCv from 6.6.5 to 6.7.0-65, but the Readiness Check failed at /var/sf/upgrade-scripts/6.7.0/000_start/001_db_compat_check.sh Here is the upgrade_readiness.logadmin@cniv-fmcv:/var/log/sf/Cisco_Firepower_M...
So for whatever reason my ASA will not boot anymore. It just gets stuck in a reboot cycle and I'm thinking the flash may be completely crashed. When it initially boots up it tries to boot but fails and the only option that works is to hit ESC to ge...
Hi, I just noticed something on our ASAs and was wondering if someone have seen this or if there is a better ezplanation for the difference between traffic(packets and bytes/s ) reported by an ASA on its Physical Interfaces number and nameif. Belo...
Hi,i have a problem with the recovery mechanism in ipv6 that uses DHCP leasequeries. I have been trying to implement ipv6 security measures in our network, the equivalent of dhcp snooping and arp inspection on ipv4. For this i try to use the SISF-bas...
Hi all, I need to reinstate HA between two FMCs after having to rebuild the secondary FMC device. They manage 18 devices and have a number of access policies, IDS/IPS and NAT configurations etc etc. I'm assuming this is going to take a good few hour...
I am replacing a 5550 ASA on my home network with a Firepower 1120. I manually added the interfaces and such using similar naming conventions on the 5550. When I mouse over 1/1 I see the message box stating "Gateway cannot be reached through port E...
Firepower 4110 created alarms: Ntp Configuration failed, please check the error message in Ntp host - Fault Code: 1661 checked NTP:NTP Overall Time-Sync Status: Time Synchronized So anybody can help what does fault code -1661 mean and what's soluti...
I have a perculiar problem with Cisco ASA that I have been trying to resolve for many days but I cannot even find the root cause. I have a network as seen in the diagram below. I cannot establish pings between these two LAN segments. See output of...
Hello everybody,during my last deploy i've received the following error:"strong crypto for vpn configuration is not supported. This is because fmc is running in evaluation mode or smart license account is not entitled for strong crypto".it doens't ma...
