Hi all,While running a packet capture on an access switch for a device (10.1.1.1) I blocked it's internet access on the FTD (4125) as it was trying to reach 50.1.1.1.I did this by blocking all traffic for 10.1.1.1 through the FTD with a "Block with R...
Forum Posts
Resolved! ASAv unlicensed after reboot
Hi all, I recently upgraded one of our ASAv's to code 9.12.4-10 as an interim code, just to keep a customers appliance up to date. Upon reboot, the device was alerting as unlicensed and therefore ran at a rate limit of 100kps and with (i think) up to...
Resolved! FMC Virtual problem.
How long does it take to check the data base tables? Yesterday I installed the FMC KVM, still the system checks the database.("Database tables are still being checked, Proccess Manager will not start"), Respectively, of WEB GUI is not available. Is t...
I am currently having to configure a new C921-4P. I have read over the documentation and crawled the internet but cannot find anything that can help with a few requirements I need to fulfill. These requirements are from the L3 switch stig. 1. Disab...
Resolved! Firepower feature question
Dear Community, On the ASA there are a few options that dictate what traffic can flow between interfaces. These options are: -Enable traffic between interfaces that are configured with the same security level-Enable traffic between two or more hosts ...
Resolved! Cisco ASA 5540 can be upgraded to 9.4?
Hi everyone,I have Cisco ASAs 5540 running asa917-29-k8.binCan they be upgraded to 9.4? Cheers!
Hi, We're planning to upgrade FMC to version 6.3.0.Below is the status of the current devices which we've: ASA-5506x, FMC has been given 4GB RAM for the previous iOS version on the VMware. So, can we upgrade the FMC version to 6.3.0 with 4GB RAM on V...
Hi team,The FMC running version is 6.4.0.9 and FTD also. I installed the patch 6.4.0.10 for HA FTD.After installation, I need to deploy the policy. But I FMC generated below error.Deployment failed the interface on devices are out of date.I have rest...
Hello, How can i do to capture a VPN trafic which is encrypted and passing thought my firewall. Here is the architecture (10.10.2.1) PC1-----------VPN1--ASA--VPN2------------PC2 (10.10.3.1) I want to look the tcp protocols which is sent by PC1 to PC2...
Resolved! FTD Out of Compliance
Hello,My FTD is out of compliance because of wrong contract attachment.Today I just checked my smart account which seems the number of license is ok. I would like to know: How to re-activate my license using FDM (I don't use FMC) From Cisco FTD-smart...
Resolved! IKev2 dh group 27
Dear Team, I need to establish a VPN tunnel between Cisco and Fortigate. Here request was DH group - 27 need to configure in between the site. I am having cisco ISR 1001-X.Hence could you please suggest to me.
Resolved! firewall requirement
Hi,Customer with around 2000 employees and 2-300 servers / applications also need IPS. Which model you guys suggest ?
Resolved! Unable to reach DMZ from VPN subnet
I'm having an issue reaching the DMZ network from VPN. I need to be able to RDP to the DMZ host 10.20.1.2/24 from the VPN subnet 10.2.2.0/24. I have configured the NAT policy and ACLs but still not able RDP to the DMZ host. Please see the ASA 5505 ru...
Hi When user login SSL VPN (ASA 8.0), how to apply group policy base on their user name without to choose the gorup option at login page. The problem is when I check the option for user to choose the group at login page, it work fine. But without tha...
Resolved! BGP in cluster FTD
Hi all, shortly have to RUN BGP a couple of FTD 4115 in HA, managed by a 1600 FMC, it's all on premises. I was wondering about the BGP sessions if they have to be established according to which of the following cases:1) one router peers with both act...
