Network Security

%ASA-6-302015

Hi , Here 92.168.2.100 is a LAN device, but I have not opened the port 6015 port on this machine <166>Jan 22 2021 08:59:44: %ASA-6-302015: Built outbound UDP connection 1717941741 for Outside:4.4.4.4/8888 (4.4.4.4/8888) to Inside:192.168.2.100/6015...

Resolved! Monitoring Cisco Firepower 2110 in HA

Hi I have 2 Cisco Firepower 2110 Threat Defense v6.6.1In HA mode I'v searched a lot but haven't found clear answer. Question is:What interface does not change ip address when failover occur ? That is:primary active / secondary standbyprimary standby ...

Cisco FMC - scheduling - push latest update

Hello everyone,I want to schedule a "push latest update" to the version 6.7.The problem is, that i cant choose any version in the scheduler and he don't use the available updates on the FMC. I get the following email message. Scheduled Task: Push Upd...

Access-list in FMC and ASA

Hello guys, We have ASA-5555-X with sourcepower which is mnaged by FMC. If we create ACL in fmc and deploy, won't it be shown in ASA Cli? But, we can not see there. Also have applied the 'sfr_direct permit ip any any' statement to redirect traffic. I...

Resolved! Best practice for securing general Internet access - FMC - FTD

Hi Everyone, I'm looking for recommendations for the best methodology you follow for a typical internet access on the firepower firewalls. For this case people are allowed to use the internet for personal use (social, videos, email etc) so long as i...

Resolved! FMC shut properly

Hello Guys how can i shut Properly FMC from both CLI and GUI to avoid DB corruption pls see attachment thanks

Are wildcards in URL filtering supported?

I am cleaning up my policy rules and wondering if an asterisk can be used in an ACP? I have read this post but it is from several years ago and not sure if it is still an issue: https://community.cisco.com/t5/firepower/using-wildcard-in-url-filtering...

Resolved! FMC 6.6.1 User Agent Deprecated warning

We upgraded our FMC to 6.6.1 from 6.4.0.9 last evening.Everything is working, but we have a warning in Health Monitor: User Agent has been deprecated and will be removed in a future release. how do i clear this up so I don't have a warning on my syst...

Access Switch ISE Report

Is there a report that can be generated which shows access switches/ports that do not have ISE commands on them?

Is the 5930 Family of Signatures still used with Firepower IPS?

Hi, I'm looking into getting a firewall with Firepower Threat Detection. I want to know if this will give me any SQL Injection protection via the IPS. I've looked this up and I see old entries from the Cisco Community from 2008 and 2011 that mention ...

Resolved! Port Forwarding for Voice Application

I wanna configure a port forwarding on ASA so users can register their smartphones, wherever they are, on company PBX. I did configs as below, but softphone not registering. Can you please help me?:ASA Version 9.6(1)!interface GigabitEthernet1/1name...

Resolved! FTD and deploy task (not working)

Hi!I have fresh started Firepower 1010 with FTD 6.4.0-102 on it. I'm connected to Cisco Smart License service. The issue is I can't submit any changes I did in web interface to running config. What I do:1. Make some changes.2. Press that round grey b...

Cisco FMC access control policy POST a 'BLOCK' action using API

I am trying to post a rule using {'action': 'BLOCK'} but this is failing. If I change the action to {'action': 'ALLOW'} the POST is successful. I have configured a rule with the block action in GUI and then checked the output in api-explorer and th...

FTD Upgrade - 6.2.3

Hello Cisco Community I'm running into an upgrade issue - I'm looking to see if any anyone has come across such an error when upgrading "FTD (41XX)" from 6.2.3 >>>> 6.6.x - see below Upgrade_status.log-----------------------PERCENT:[ 3%] MESSAGE:F...

ACL with service object - Help

Can some please help me understand following ACL. object-group service SERVICE_Object service-object tcp eq 30175 service-object udp eq 30175 access-list OUTSIDE extended permit object-group SERVICE_Object 1.1.1.1 2.2.2.2 is it 1: any traffic from ...

Network Security

Forum Posts

%ASA-6-302015

Resolved! Monitoring Cisco Firepower 2110 in HA

Cisco FMC - scheduling - push latest update

Access-list in FMC and ASA

Resolved! Best practice for securing general Internet access - FMC - FTD

Resolved! FMC shut properly

Are wildcards in URL filtering supported?

Resolved! FMC 6.6.1 User Agent Deprecated warning

Access Switch ISE Report

Is the 5930 Family of Signatures still used with Firepower IPS?

Resolved! Port Forwarding for Voice Application

Resolved! FTD and deploy task (not working)

Cisco FMC access control policy POST a 'BLOCK' action using API

FTD Upgrade - 6.2.3

ACL with service object - Help

Secure Firewall 1200 HA topology with 03 ISP link´s and SD-WAN

FMC 7.4.2.1: Missing active sessions in Remote Access VPN dashboard

FTD not recovering RADIUS server down

FMC 7.4.2.1-30 unsets/sets DNS domain-name every day

Cisco FTD SNMP OIDs for Site-to-Site and Remote Access VPN

Smart License lost after Powerfail / Reboot

Firepower 1120 has wrong (falcon demo) license active

L-CSF1230-TMC-3Y 's TOP SKU

FMC error has unknown CPU number

Cisco FirePower