Hello, i want to ask regarding sourcefire interface status. I have this topology. Cisco asa - sourcefire ips - switchwhen i unplugged the cable in cisco asa, what will happen to the switch port interface ? will it go down or still up ? Thanks
Hi, We have rules enabled with IPS policies in place. However, we can see that certain rules are not being inspected by IPS and they are being fast-pathed in the firewall. I can see the fast-forwarded flows in the show snort statistics command on t...
HelloI'm wondering if anyone can advise me if I reassign a Cisco ASA context to a different class do I need to reload the firewall for the change to apply?For example I define a gold class and apply it to my context.hostname(config)# class gold hostn...
Hey Everyone, Just wondering if you know if the Azure VPC tunnel is supported on the Cisco ASA running in active/standby mode (ie., will the Azure VPC still work when there is failover)? Secondly, the documentation says the following (https://www.cis...
Dears I Have intigrated Duo Proxy server with cisco firepower to authenticate anyconntct logins as done in below documentationhttps://duo.com/docs/cisco-firepower But When I try to enter username and password ,it will fail and says no valid certifica...
Hope everyone's well! Could someone advise on this please? We're looking at installing Firepower devices, with ISE-PIC to provide SSO information based on Active Directory users. We need to control and log web access to URLs based on AD username. Fr...
I could be wrong but I thought if I set the Intrusion policy within a particular Allow Access Control Rule as None, the FTD/Lina would not send traffic to snort for verdict...But if I do a packet tracer, it seems like FTD still send traffic to Snort....
I'm wondering if it is possible to block requests to a specific URL hosted behind our Netscaler ADC using FMC and IPS 2100. I have a general Geolocation access policy within FMC applied to our edge IPS devices, but was wondering if it is possible to...
Hi We use a Firemon management tool that needs to communicate with different ASAs on the company. We have no problem with most firewalls, but for one of them, Firemon is not able to collect its configuration. Firemon support told us that the tool co...
I have firepower 2110 firewall & it is running with FTD IOS & managed locally FDM. I would like to configure SNMP to monitor Firewall in Network monitoring system but I could find any option in firepower 2110 in FDM to configure SNMP featur...
I'm a bit stumped with this, just standing up a new, (to me), 5508-x pair in HA. Managment interface is up and I can SSH / ASDM to it fine, I can ping the mgmt interface both from the same network and from a remote network with no issues - there is a...
Good morning! After restore from Restore disk i have problems with configuration. (FP 6.1)My main problem - integration with Active Directory. (I have windows 2019 AD and I read about Supported Servers for Realms - 2012).1.So, where can see log on fi...
Hello there, What is the best procedure in order to migrate a Cisco 5525-X ASA with Firepower Services to a Cisco Firepower 21XX series ?I've heard of the Cisco Migration Tool, but from what I can understand this tool utilizes only conversion from AS...
Hi all A pen test shows us that several resources which are published to the Outside via an ASA-5545 (also with a Firepower device attached to the ASA as a module) replies on the ports tcp/2000 and tcp/5060, which is the Skinny and SIP protocol. Even...
Hello,We have a bit of an odd setup for accessing our ASA from ASDM. I will lay out the process: From our VDI instance, we open putty and ssh into a management server. After we are connected to the server over port 22, we then create a tunnel to one ...
