My SSL decryption policy is working but the FTDs are experiencing issues trying to decrypt sites that appear to be protected by cloudflare. For example, if I go to yahoo.com, I can see the certificate in my browser was intercepted by the FTD and the ...
Forum Posts
Hi Community! I'have some issues with monitoring cisco firepower 2100 with snmp in Zabbix. I configure well all snmp in FMC, and i use snmpwalk v2c to poll all interfaces in my zabbix. But the problems, i get others interfaces like : Can you hel...
I was told to configure firepower for our cisco asa 5525-x and thought i'd have to install a module, but this guy is telling me it's embedded into the firewall.. I haven't found anything on how to configure this though and am confused on how you woul...
Resolved! FTD Managment Interface DOWN/UP
I have a newly upgraded ASA 5516 that was previously running ASA OS and is now running FTD. For some reason the Management1/1 interface is admin down, line up. Interface Management1/1 "diagnostic", is administratively down, line protocol is up Hard...
For our first rule in our Access Control Policy, we've got a geolocation block on incoming traffic from country X. There is no corresponding rule for outgoiong traffic to country X, however. So, as I understand it, anyone in country X trying to initi...
Hi All, I have observed a internal to internal machine traffic and observed the event IOC_STATE_RECORD on my SIEM console. This event flagged by the cisco firepower center (FMC), checked the traffic logs between the these two internal machines. Obser...
Hi, Currently have a 3rd party Firewall for Internet Access in a simplified view like below with transit VLAN's spread across 2 sites and as such can leave via either site but with a preference for the local, outbound traffic NAT's to the outside int...
Hi AllI was wondering if someone enables and uses the FirePOWER module Cisco ASA without FMC.I didn't find documentation clearly about it.Any help is welcome.CheersAlex
My client is asking for a list of all of the users that have logged in via AnyConnect in the last 60 days. Is there a way to do that through the FMC? Or do I have to set up external logging on ASAs/FTDs to get that? Or is there a better way to obt...
I have two Layer 3 switches. SW1 has VLAN with 5 workstations. SW2 has a single workstation with a routed port as it only has 1 workstation. Topology is:Workstation 1-5 -> SW1 (VLAN) -> ASAWorkstation 6 -> SW2 (NO VLANS) -> Router On SW2 I have the...
Hello, team.The customer provided me certificates for my virtual ASA:CA- in crt format and ID - pem fofram whith RSA PRIVATE KEY.I have Faild with each of them. I am trying to convert them but the error remains.Attached the certificates. Please help ...
Hi,Can someone direct me to the cisco documentation that outlines the configuration on switches for aaa/tacacs+ to ISE using CHAP.Many thanks in advance
Our backups have started failing because there is too much disk space used. This is an FMC2500 running 6.6.4, and if I select more than one backup, only one backup is deleted. I've downloaded a couple key backups, so I'd like to delete them all. Is t...
Resolved! How to buy ftd ios for 5515-x
Hi, I bought a used 5515-X from a company and it was suppose to have FTD on the flash and not ASA. See below Result of the command: "sho ver" Cisco Adaptive Security Appliance Software Version 9.10(1)Firepower Extensible Operating System Version 2.4...
can someone help me with the configuration of 2FA on Cisco catalyst switch using DUO and Radius server
