I can VPN to local LAN through PIX 510 Firewall. The inside gateway address on PDC is 000.000.20.12 which is the inside address of PIX. On the LAN there is a BDC com server that is using 000.000.20.1 gateway through a Cisco 3600 Router to the company...
Forum Posts
Hi, everybody. Faced with such a problem. (which probably occurred after the DC update) FMC1500Software Version 6.3.0.4 (build 44)OS Cisco Fire Linux OS 6.3.0 (build21) No user activity in Analysis -> User -> User Activity. I am using Cisco Firepowe...
HI All, How do I keep current intrusion policy configuration when I update snort rules?Could someone help me? Best Regards,Nicholas
I have an ASA running sourcefire. Recently I noticed that the sourcefire module is showing as unresponsive and not functioning properly. After logging into the system I noticed that /var is 100% full. However if I run the following command "sudo d...
Snort 3 and Me Technical Webinar: July 6th - Snort 3 Language Basics Hi Team,I wanted to make you aware that we will have a series of monthly 30-45 minute technical webinars regarding the migration to Snort 3. This is highly relevant for ALL...
Resolved! Suspected false positives in FMC
This morning when I logged into our FMC I had several new IOC's on my context explorer, all of which were related to CnC connection attempts. After getting into the analysis and using the talos lookup tool on the IP address associated with these even...
Hello guys,i have a operational ipsec tunnel between Cisco ASA 5505 and other firewall across my network. Traffic goes through in both direction. Now, i would like to source NAT ipsec incoming traffic (from ASA perspective) with its inside interface ...
Hi Experts!Please help me out on the following requirement. Thanks in advance! BACKGROUNDWe have some third party contractors that remote-VPN via Anyconnect on our 5525-x firewall. They are NOT part of our Active Directory. We are deploying ISE in ou...
Hi, lease confirm the below query: In firewall 3 interfaces INSIDE, OUTSIDE, and DMZ. Inside interface connected to our Nexus core switch so please confirm in which interface of firewall we have enabled Netflow?
Hi community members! Is there a way with Meeraki switching equipment, to dynamically add to the ACL ? e.g. point it to a list I control I want to block certain IPs from a text list. Or at least bulk add if it's not possible for dynamic method. Thank...
So I have some questions here that to me at least are confusing. I really hope someone can clear these questions up. 1)What is the purpose of having thousands of disabled rules. It seems IPS should be all on for rules otherwise what's the point? I me...
All, I am having trouble installing a certificate, self signed or other in my firepower architecture. Currently configured with a vFMC and ASA firepower module. Both devices running version 7, problem carried over from 6.X When I go to request th...
Our regional offices have Firepower FTD devices (without FMC), each with two VTI interfaces to the data center, routing via BGP. We want to use DHCP Relay to point to a remote DHCP server (due to FTD's DHCP lacking needed config options). I don't wan...
Greetings: We are initially configuring a new (my first) Firepower 9300 in Standalone mode (not clustered) for testing with a standard Aviata/JDSU T-Berd 5800 test set and cannot get a successful test. We have the test set configured properly (works...
Within the advanced tab of the access control policy there is option to set network analysys policy and a default IPS policy. Why would I not just create a blanket IPS policy that has everything in it I want blocked like Maleware/Explots etc rather t...
