Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...
Forum Posts
Please help. I have an ASA 5506-x connected to a 3750 swich. I cant ping 8.8.8.8 or anything external from the switch. I cant ping the other vlan subnets either ( the ASA has the route back to these). However, I can ping 8.8.8.8 and tracert successfu...
We have a Firepower 2130 that has all it's NAT rules/policies as being imported from our old ASA 5525. The ASA is still in production for a different purpose. While I can see the NAT rules on the Firepower, I can't edit them unless it's done on the ...
Host-A can ping firepower from inside to outside in range (10.10.10.0/25) but not in range of (10.10.10.128/25). If wild card 'ip route' at core-switch is set to follow (10.10.10.10.128/25) then Host-A can ping all ip's in that range. But all ip's in...
FTD has a regular schedule in FMC, but it never backs up to the remote server as it is configured to do, it always backups to local var. FMC backup to remote server works fine. The TEST button when testing remote connection/server works fine. Initiat...
Hey Folks, I have FMC with 4 FTDs (7.2.8), I'm trying to run this command for example on the CLI <grep -i -E "KexAlgorithms|MACs|Ciphers" /etc/ssh/sshd_config> what I noticed, is that the Space key is not taken, and for any command that has space, th...
I've noticed in FMC that I can see traffic logged that traverses the FTD however traffic to the FTD is not logged. I am curious to see if someone is trying a port scan or something like that. So for example if my FTD interface is 192.168.0.1 and I ...
my FTD is not connected with FMC and is showing a pending state. checked on my FTD , the time was showing wrong and NTP server was also not Sync# show ntp NTP Overall Time-Sync Status: Ntp Config Failedplease help me removing my current NTP server a...
We have a Cisco Firepower 1120 (ver 7.2) managed by FMC (ver 7.2.5). Our ISP is currently delivering 500 MB of DIA to us over Ethernet 1/1, which we have designated "Outside".We are upgrading to 2 GB of bandwidth and since the 1120 only has 1 gig por...
Hello,Can anyone please help me understand how the FMC and FTD backup work. I do backup of the FMC and the FTDs from the FMC. When it shows on the FMC, i download them and save them. After that i delete them from the FMC. Now were they stored on the ...
HiI have an FTD managed by FMC and I need help with a NAT rule please,I need a client's DNS request to be translated into a pool of IP addresses before it gets translated into our public IP.Can this be done with a single rule or will I have to use mu...
Hi,Little bit of background. So we just got a new fmc to make our existing FMC HA. the issue is, our current FMC is already on production so its already manage more than 10 FTD, I want to know if there any impact on the FTD (like RTO or something) wh...
Does Cisco have a tool that will make the creation of a 500 + network objects easier for a new FW build?
Hi to alli have a situation where my secondary FTD (i have a pair working on High Availability) has a warning for SSE connector failure: "SSE Connector Down NA NA" I found a bug associated with this and it is bug CSCwj14589. I found out that on the s...
Resolved! Rollback FTD from cdFMC to on-prem FMC
According to document, quoted and link below, "You have a 14-day evaluation period to review and assess the migration changes that are made to the threat defense devices before CDO automatically commits them. During this evaluation period, if you are...
Hi All, Wondering if anyone has seen this problem. Trying to register a 6.4 FTD with 6.4 FMC. Logs on the FTD are showing errors with the FMC SSL certificate and the sftunnel is never established between the the two devices. All devices are straig...
