We have a remote location running a PA-850 that has a site-to-site VPN tunnel built to a FTD 2140. The tunnel initially builds OK, and can run months without any problem. The issue is when the remote location loses power and the PA-850 hard boots. Th...
Forum Posts
Hi, I am trying to workout a way to find the the last hit time for all the ACL rules on an FTD from the CLI. In ASAs you can use the show access-list all_name brief command and match the hashes from that with the hashes of the ACEs in an ACL to get t...
I wanna to do two firewalls in cluster (Active/Standby), like HSRP. I haven't found this configuration in ASDM, follow the picture attached.
Resolved! ASA-5506 NAT issues
We have multiple ASA-5506s that are being used for compliance reasons. The first two went in just fine with no NAT statements, but the 3rd one drops around 25-30% packets both to and through the firewall. All firewalls are running 9.8(4) and were con...
Firepower 2110 only has interface type static and dhcp.I cannot see pppoe option in WAN interface.I use FDM for management.
Hello.I'm working with Cisco FMC 6.6.0, and I'm trying to execute the following API call using the API explorer:/api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords/{containerUUID}/operational/commandsFMC API reference for this call:https://w...
Hi all, I would like to get an output on when an ACL was hit for the last time. From within ASDM you can get the date when you hover over the hit count. A bit cumbersome to this manually for all ACLs :(. However I've not yet found a CLI command that...
hello all.been trying to configure this setup for the last 3 weeks.at the moment i have a session on the ise, however anyconnect shows the encryption as none...also, i do not have network what am i missing here?the authentication and authorization po...
Hi All, Kindly need your support , previously i take RMA from cisco for new cisco ASA 5516 to change my broken asa.and after i setup failover new cisco asa. there is notification from new cisco asa like this : no replication at all for both cisco as...
Is it overkill to have threat detection scanning on an ASA 5516 with Firepower services? Can I get the same and better protection from Firepower only?The reason for my question is that I get several tickets a day to un-shun VPN users. It's not always...
Hello all, needed assist to handle task of password recovery for FTD 4100 ..My case is that i have HA between two FTD 4100 handle traffic and managed by FMCvwhat is the best solution to recovery password of FTDs with out interrupt the traffic
Community, I am trying to understand what a "Netflow Equivalent Syslog" is but am having trouble finding any adequate explanation. There is an option in the FMC to enable "Netflow Equivalent Syslogs" in the syslog settings of the FMC, but I am not qu...
Resolved! IKEv2 | Zone Based Firewall | VRF
------------------- Cisco ASR 1000 ----------------- crypto ikev2 keyring Keyring_HF_Test_ARpeer Peer_Test_ARaddress 81.x.x.xpre-shared-key abc123 crypto ikev2 proposal Proposal_HF_Test_ARencryption 3desintegrity sha1group 2 crypto ikev2 profile Prof...
Hi i am looking how i can keep backup from FTD when i have only ssh access,for example on a switch i do show run and i have almost all the infos to restore the switch but with the firepower i am not sure if its possible. In this case we dont use FMC...
helloPlease try to open on me firewall 5506-x the OpenVPN UDP port 1194, but without success.Define the machine and port, also double check the udp port, no chance. access-list outside_access_in line 1 extended permit udp any host 192.168.16.9 eq 119...
