Is it overkill to have threat detection scanning on an ASA 5516 with Firepower services? Can I get the same and better protection from Firepower only?The reason for my question is that I get several tickets a day to un-shun VPN users. It's not always...
Forum Posts
Hello all, needed assist to handle task of password recovery for FTD 4100 ..My case is that i have HA between two FTD 4100 handle traffic and managed by FMCvwhat is the best solution to recovery password of FTDs with out interrupt the traffic
Community, I am trying to understand what a "Netflow Equivalent Syslog" is but am having trouble finding any adequate explanation. There is an option in the FMC to enable "Netflow Equivalent Syslogs" in the syslog settings of the FMC, but I am not qu...
Resolved! IKEv2 | Zone Based Firewall | VRF
------------------- Cisco ASR 1000 ----------------- crypto ikev2 keyring Keyring_HF_Test_ARpeer Peer_Test_ARaddress 81.x.x.xpre-shared-key abc123 crypto ikev2 proposal Proposal_HF_Test_ARencryption 3desintegrity sha1group 2 crypto ikev2 profile Prof...
Hi i am looking how i can keep backup from FTD when i have only ssh access,for example on a switch i do show run and i have almost all the infos to restore the switch but with the firepower i am not sure if its possible. In this case we dont use FMC...
helloPlease try to open on me firewall 5506-x the OpenVPN UDP port 1194, but without success.Define the machine and port, also double check the udp port, no chance. access-list outside_access_in line 1 extended permit udp any host 192.168.16.9 eq 119...
I am using algosec fireflow for policy deployment in ASA firewalls.. algosec requires grouping of multiple IPs/Services into a single object.. for ex.. source 1.1.1.1, 2.2.2.2 destination 3.3.3.3 , 4.4.4.4 , 5.5.5.5 service : https , ssh , http I n...
Resolved! Context license for 2130 in HA
Dear all, I have a customer that want to use the ASA image on the We have a customer that want to use the ASA image on two 2130 in HA mode and also use multiple contexts. Do we need to buy the context license for two boxes or just one? BR And...
Hi,on friday I tried to upgrade to asa9-14-2-15 and asa9-14-2-13.Currently we are on asa9-14-1-30. Because of the newly published vulnerabilites I wanted to upgrade.It it an Failover cluster. After pushing the file on the machines and putting it at f...
Hi, We have a number of 5506-X devices licensed for URL, IPS, and Malware filtering on the Firepower Module. These are installed in an education setting and therefore it is critical that certain content is blocked for the children using the network. ...
We have an ASA5510 (running the last s/w for that device) that has long been providing ipsec VPN service to our users whose primary purpose is to give remote users secure access to inside our firewall.. We had a temporary network change a couple of ...
I found various Cisco articles regarding multicast support for FTD (4120) and vFMC. I've not been able to track down limitations, t though. The firewall pair will be configured as routed HA, and the firewalls will be connected to a pair of Nexus7K us...
My client has 2 ASA 5545 9.12 (3) 12.Both are configured in LMS with your correct and verified credentials. but when executing any task, it reports a validation error.When trying to run a Compliance baseline, one of them does it successfully but the ...
Resolved! FMC Backup Files
Hello Everyone, We have a FMC 2500, and I noticed that its backuping twice the configuration files.The first time is on the folder we specified and the other is under "sf-storage". I wonder if its because the "Remote Storage Device" is configured and...
This is our 3rd implementation for a particular project, and the first two haven't had any issues. This is an ASA-5506X HA pair, and it resides wholly within our perimeter firewall - there is no connection directly to the Internet. With this implemen...
