Hello! We are preparing to install a 2110 FTD 6.2.2 High Availability pair (managed by an FPMC). 1. Is it possible to use a wildcard certificate? 2. If not, is it possible to use SANs? Each FTD has to have its own unique name, such as ftd1.<dom...
Hello! We are preparing to install a 2110 FTD 6.2.2 High Availability pair (managed by an FPMC). 1. Is it possible to use a wildcard certificate? 2. If not, is it possible to use SANs? Each FTD has to have its own unique name, such as ftd1.<dom...
I am planning on upgrading my trusty 5506-X to a 5508-X and I would like to know if I can expect an interface performance improvement for the on device management option in ASDM. The 5506-X is quite slow, and I have gotten used to it, but if I am goi...
We have the rquirement from our management to use a four eyes principle (Admin1 makes a rule change, Admin2 has to approve in order for it to be deployed) so mistakes like one admin brings down the whole company with one misconfiguration can be avoid...
Hi All, I have recently built an ISE 2.7 instance and I am trying to configure TACACS authorization based on the Group the user belongs to. I can do this with an AD (External Identity Store). But when I try to do the same with Internal users and grou...
Hello,When using SAML for authentication on Cisco FTD and authorize only for secondary the username is masked out by the assertion token. Are there any attributes in the SAML token that can be used for authorization? Say, if I wanted to switch tunn...
Dear Community, I had a couple questions regarding the Security Intelligence piece of the Access Control Policy: 1) Is there a way to drill down into the Network and URL Feed Objects to see what IP's and URLs are actually contained within? For exampl...
While I was configuring my ASA 5506-X NGFW , the management IP address has reset suddenly and am unable to use the management web interface to configure the firewall. I tried to set the ip address using the command configure network ipv4 manual 10.30...
Hi An easy question for the experienced Cisco Community. I'm configuring an ASA5506 for a simple task. Yes, I know - it's old, but that's what I got right now. I need to isolate an IoT-subnet inside my LAN and I figured that the best way to do it, is...
Hello, I wish to update my ISR 4331's Snort virtual container using the community signature package. I understand the IOS commands to "configuring signature update from a local server", but I am not sure how to create the web page to post the signatu...
Hello, On an FMC 4000, is it a requirement to use the copper managment interface or is it possible to use a fiber interface as management? If so, how is that accomplished?
Dear Community, I am wondering if there are any best practices when it to enabling the intrusion/file inspection on the Access Control Rules. Is it a good idea to enable the inspection on all rules or just certain ones? What are some guidelines/best ...
Could you please guide me to get the Visio stencil for - FPR1140-NGFW-K9 Cisco Firepower 1140 NGFW 1U Appliance.
Hi, When FMC active goes down,the standby do not become active. any solution for this issue.
We plan to deploy two firepower2130 and one vFMC. Since all devices are located in the restricted network, there is no internet access and no proxy Internet service. Can I use the classic license method to activate the device,or the features...
Deny TCP (no connection) x.x.x.3/389 to x.x.x.4/445 or 60637 or 57497 flags RST on interface VLAN 10 and 11 These logs are generated when a sys admin is trying do demote a domain controller and remove from the domain properly and have the existing do...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Subject | Author | Posted |
---|---|---|
02-08-2025 12:23 AM | ||
02-07-2025 12:12 PM | ||
02-06-2025 04:45 PM | ||
02-05-2025 11:10 PM | ||
02-04-2025 06:06 AM |
User | Count |
---|---|
10 | |
9 | |
8 | |
5 | |
4 |