Forum Posts
My integrator set up our firepower HA pair and set up the pxGrid ISE integration. When I started testing SGT filtering in our access policies, I kept losing connectivity that contained any SGTs.Doing some reading I think I sourced this to MNT update ...
I am trying to figure this out. I created a new block rule on Monday.When I check the hit count today I see that there have been 275 hits on that rule to date.When I check the connection events I don't see those hits. I have made sure that loggin...
Is it possible to show resolved hostnames in the FMC reports? It was an option I enabled on the old Firepower system for ASA but I can't find it anywhere on the new FMC for FTD. I've looked everywhere. It's not a big problem at all but I do weekly re...
Resolved! QoS and Layer 2 DoS attacks
Good Day!! i have a question?Can i use QoS along whith DHCP Snooping and DAI to contain a DoS attack on Servers? Thanks
Hello, Is it be possible to collect Firepower IPS connection events via syslog rather than estreamer (FMC)? If yes, is there any info that may be missed (e.g. security intelligence events, any potential interesting fields within the connection event?...
Hi Team, I would use my dashboard in FMC to monitoring the traffics interfaces of each interfaces in the FTD ... I get this : see images attached ..let's take the first interface"LAN", how i can get 1,107,868.42 KB while the LAN interface in FTD is 1...
Resolved! How does FWSM work?
Hi buddies,There are tow FWSM modules in cisco switch 6513 and vlan-groups assinged to this modules like below:firewall module 4 vlan-group 10,100,200,300,400firewall module 5 vlan-group 11,600,800,1000and then valns asigned to this vlan group like b...
Hello! I have been under attack that keeps dropping my network connection. From the logs, it seems to be from a SYN-FLOOD. The source is sometimes 162.125.6.14 and other times it is 162.125.9.14.I have done everything I understand to do in the rou...
I've got issues with a Firepower Module on our system and will be re-installing it.I've researched the method and I've never done this before and would appreciate a sanity check to see if I'm missing anything before I go ahead and submit the change d...
Resolved! asa objects
Hi ,The above is object from ASa ASDM , some are shown in green and some are shown in blue What does it mean Thanks
Resolved! CTS & SGT behavior in C9K environment
Hii want to share my experience of deployment of CTS/SGT in campus built with C9Ks & ASA 5516X as WAN-edge router.C9Ks run 17.3.3 , ASA runs 9.12 . Simplified topology:To clarify on notes: on the ISE all C9Ks & ASA are configured for TrustSec, pac-pr...
I need to turn on FIPS to be stig compliant.In my asdm, i can go to a FIPS page and it is unchecked.If I check it, i understand that it will use higher grade security measures but should I be worried about everything breaking if I do? Thanks for any ...
All: What the latest status on DECRPC inspection of MS Windows RPC DCOM on ASA platform? There is discussion as far back as 2010/2011 (12 years ago) that the functionality was entirely broken with the latest versions of the protocol library from Mi...
Hi, I am using Nagios to monitor our windows server using WMI. So I configure the DECRPC on our ASA 5520 firewall but i still see the deny on port > 1024. Below is the configuration: class-map MSRPC match port tcp eq 135!policy-map type inspect...
