HelloI am about to migrate a Cisco ASA (Active Standby Cluster) to Firepower.My ASA Cluster has L2L VPN Tunels (Policy based and Route Based) and Extended ACL's applied to different interfaces for Multiple Clients Traffic.I am looking for Best Practi...
Forum Posts
Resolved! Cisco Firepower 2130 Threat Defense
I have the new generation firewall Cisco but I have two questions?a) Is normal that the deploy is too slow ?b) How to monitor VPNs? The versión IOS is 6.5.0. thanks for you help me!
Hello, Do anyone have documentation on how to configure a firepower 4300 FTD as a SDA fusion firewall? Thanks
Hello,I have noticed that suddenly all the Source Fire Connection Events not showing/recording.If i try to expand the time window i can the last data shown will be since 03 Jan 2020I have changed the Maximum Connection Summaries in Database settings ...
Hi All, Would like to get recommendations from you on ASA Security level and traffic flow. Have two scenarios. 1) ASA Firewall with Three Interfaces. Interface Gig0/1 : Outside (Security-Level 0)Interface Gig0/2 : Inside (Security Level 100)I...
HelloWe just installed an ASA 5516-X to productions as an east/west routed firewall. It is Firepower Threat Defense 6.4.0.4-34 managed by onboard Firepower Defense Manager.The DHCP server is 192.168.5.21The inside of the ASA is 192.168.5.1The outside...
Hello, Hello, we have a topology similar to above. The ASA has a private AS of 65001, and is using the local-as 2322 and and remove-private-as BGP parameters, but the router is still seeing the private AS, 65001 when you type show BGP. Is there a co...
Hi,I am looking to upgrade 2 x FTD 2130 and vFMC to 6.4.0.7 from 6.3.0.2 this week.Am I ok just going straight to 6.4.0.7 or should I go to 6.4 first? Anyone had any issues with .7? It was advised at Cisco Live this week that we get all of our Firepo...
Hi, We have Firepower FMC 6.4 as RA VPN device and Cisco ISE 2.3 as radius server. We have one connection profile and different group policies on Firepower. We want to use different group policies for different AD groups. on ISE we have configured AS...
Does anyone know if there is a way to successfully get a credentialed scan on the FirePower module of an ASA 5516? I just recently had a CCRI (Command Cyber Readiness Inspection) and the auditor stated that I should be getting credentialed scans on...
Hi, I'm evaluating the Cisco Security Manager ver 4.14 installed on a vm-ware machine with windows 2012 64bit with us-english locale. There are two kind of problems: during the installation some of the MS-KB requested cannot be satisfied , eit...
Resolved! FMC HA 6.2.3 to 6.4 Upgrade
Looking at upgrading from 6.2.3 to 6.4 on our FMC 4500s - which are configured for HA. For other minor upgrades we just pause the sync - upgrade the standby - upgrade the primary - and resume the sync. Any experiences with doing similar upgrades - i....
Hello Guys I am getting a little confused with NAT's. Please help me understand it Correctly In the ASA Code before 9, when we have a Static NAT for an Internal IP, your ACL should have the NAT IP as destination to allow traffic from a Client to that...
When trying to change the admin password via GUI (FDM), the "Cannot find the time zone" error message appears (see it attached). The FTD version 6.4.0.4-34
Hi!I want to know whether FTD (without FMC) on NGFW can perform theses functions or not. 1. Tracked Routing- like when the firewall has links to two ISP, and the traffic normally goes to ISP1.But when ISP1 is down, then the internet traffic goes to I...
Recognize Your Peers
.jpg "Hall of Fame Community Legend"){kind=icon}
.jpg "VIP Master"){kind=icon}
