Hello,I have a major problem with our Firepower infrastructure comprised of an FMC (7.6) and 2 FTD's in HA. No matter what, after I create an initial policy and apply it to the FTDs, when modifying a rule, say from Allow to Block, and fdeploy, the co...
Forum Posts
I am getting ready to perform a migration for my vFMC. Currently, our FMC is licensed for 2 devices. We are currently adding a third firewall so we need to create a new vFMC with the new license. According to our rep we can't just add the new license...
Hi Team,I'm looking for a Cisco recommended design for deploying & integrating FTDv FW pair with AWS Transit Gateway. Design Considerations -The 2 firewalls need to be deployed in a separate AWS VPC with 2 availability zones. And traffic failover sho...
Hello Everyone,I am currently experiencing network latency issues on the transit link between the ASA Core Firewall and the Edge Firewall, which is using the IP range 172.12.1.0/30.The connection from the Edge Firewall to the Internet is functioning ...
I am migrating 2 ASA and 1 FTD into a single FTD managed in FMC. I have created 3 VRs on the FMC and after migrating the first configuration across I am attempting to change the inside and outside interface from that configuration into its correct VR...
I was wondering if this would work. I need to move our FMCv from its curent hypervisor to a new one. I was thinking the easiest way may be to create an new FMCv on the new hypervisor and make sure it matches the version of the current one. The new FM...
imagine basic asa setup with two outside interfaces, two providers, and one inside interface. I have route map that route traffic from one inside ip to provider 2 and default route to provider 1. If I implement reverse path check, asa uses routing ta...
I am currently using Cisco Firepower Management Center (FMC) and would like to collect logs that include detailed information about users' requested URLs and send them to a central syslog server for analysis.Here are my specific requirements and ques...
We are trying to to activate the "carrier" license on the ASA5525-DC-K8 unit, so that we can use SCTPThe current licensing shows: Carrier : Disabled perpetualCan anyone help us find the correct part number for this license?Thank you.
Hi All,After completing an external pentest we were informed our FTD1010 is vulnerable to the ZOMBIE POODLE attack. I have found articles on how to remove the affected CBC ciphers via FMC but our device is managed via FDM. Does anyone know of a way t...
Before I say anything, I would like to say that I just started using packet tracer and barely know how to use it thanks to my professor being bad at teaching. Now to my problem, my firewall is not allowing packets to go through in or out and I have ...
I want to downgrade FTD v6.4.0Boot Loader version: 1.0.18 (ROMMON)System version: 2.6(1.133)Service Manager version: 2.6(1.133)USB does not work. I've try few USB 2.0 1 GB pendrives.I've try connecting with tftp server like in yt video: 'How to conve...
After deploying a new FTDv 7.x, I encountered an issue where, after configuring the Management IP settings (including Device IP, Gateway, and Mask), I couldn’t ping any devices on the network. I received a "No Route to Host" error, which was puzzling...
Hello, I have a Firepower 3100 FTD cluster managed by FMC, deployed between two Cisco 9500 L3 switches. OSPF is configured on the FTD and both routers. During a failover (cluster role change), the OSPF neighbor relationship gets re-established, resul...
See the below result of #Show module ips detailsCard Type: UnknownModel: N/AHardware version: N/ASerial Number: FCH2042XXXFirmware version: N/ASoftware version: 7.1(7)E4MAC Address Range: a0e0.af52.cb3b to a0e0.af52.cb3bApp. name: IPSApp. St...
