Hi Guys, I just want to double confirm my understanding for this feature ISE acts as a pxGrid Controller and FMC subscribes to the controller to receive session data. Note: we have a normal install of ISE not ISE PIC... (Not actually used or installe...
Forum Posts
Hi AllI am looking at moving from ASA to Firepower for Remote access vpn.Does the Firepower support Dynamic access policies ? i.e access lists applied to different user groups? If they don't, then what are the options? we do not use ISE. Also, what i...
Hey We changed the PUBLIC IP in one site...and now we are trying to establich new IPSEC TUNNEL between both sites (CISCO ASA 7.2 - it was qworking before public IP change) .I was able to establish the tunnel but i cannot ping both ends\remote networ...
Resolved! SSM On-Prem Server Generating CSR Issue
I am attempting to stand up a SSM On-Prem server for the first time. It is currently on a test bench connected to a management laptop and a Firepower 2120 supporting an ASA V9.14. I am interfacing via the HTTPS Gui through Firefox with java installed...
Resolved! ASAv ssh connection interface (CML)
Hello, I am trying to connect to the ASAv with Ansible through ssh and i have configured the following:crypto key generate rsa modulus 2048username cisco password cisco privilege 15 aaa authentication ssh console LOCAL ssh version 2 But when i do the...
Dear All, I have an issue configuring PVLAN Trunk for a server that it's not able to configure private vlan itself.This mean following the theory that a private vlan trunk needs to be configured between the switch that is able to configure the pvlan ...
try to open on 5506 port 80 with following syntax on cli object network WEB_SRV host 192.168.1.9 object service HTTP service tcp destination eq www object-group network Internal_hosts network-object 192.168.1.0 255.255.255.0nat (inside_6,out...
Scenario and Objective:We have two Azure Subscriptions, In one Azure Subscription (Subscription 1), behind ASAv firewall (ASA04) there are two networks 192.168.10.0/24(inside) and 192.168.20.0/24(DMZ). In the second subscription (Subscription 2) behi...
I currently have a wildcard cert on my ASA and it will expire soon. The security teamgot a new wildcard certificate. Is the process simply to Add/Import in PKCS format and use the appropriate key? And then delete the old wildcard certificate? Also w...
Hi All Any change to increse more than 5 connection in SSH in Cisco ASA 5516. ??? The maximum number of management sessions for protocol ssh already exist. Cisco Adaptive Security Appliance Software Version 9.15(1)1SSP Operating System Version 2.9(1....
Hello team,I hope your are safe and doing well.I am facing a real connectivity problem with our ASA 5525-x after reimaging it to FTD version 6.6.4In fact, we can't ping the management interface and therefore impossible to join the device to FMC. NB: ...
I know that you can run API commands to get information (as well as put, post, delete, etc...) from ASAs. Is it possible to use an API script to pull the hit counts from policies in ASAs? Thanks!
good day anyone out there running advanced version of FTD / FMC 6.7.0 ...and recently installed 6.7.0.1 , or even more recent 6.7.0.2 , which have WebVPN vulnerability fixes wanted to hear any feedback on updates please. https://www.cisco.com/c/en/us...
Hello, site to site tunnel is up on the firewall but the packet encap is showing 0. It looks like ASA is not sending any encrypted packet to the tunnel. Any suggestion?
