Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from Wednesday, March 4, 2026 through Wednesday, March18 2026. Our Experts Ike Chon, Scott Nishimura, Annya Martinez Foster, Jyhan Ocana Casillas, Eder Pacheco, Willi...
Forum Posts
Hi guys, I have been working on Cisco FMC lately, trying to learn as much as possible so I can prepare to take my SNCF test. While doing this, I noticed in the top right corner I could change the view from "Light, Dusk, and to NEW". I changed mine to...
Resolved! Talos Connectivity Problem
Hi to all ,i am getting many messages as the following:Severity: criticalModule: Talos CommunicationDescription: 3 modules failed:* URLDB- Failed to retrieve beaker inventory* LSP- Failed to retrieve beaker inventoryMy subscription is active (it expi...
Hello, I’ve setup a posture configuration to work with our RAVPN. Basically I’ve 3 rules: Compliance OK, where I return a permit all ACL Compliance not OK, where I return a limited ACL Compliance unknow, where I’ve configured on the authorization pr...
Resolved! FMC: Automatic renew certificates?
Hello,Managing certificates is getting more and more a nightmare as the valid lifetime will be reduced to 47 days, especially on devices and virtual appliances that don't support any kind of automatic renewal protocol.What are the options in FMC to a...
Good day team!We have 2 servers connected to each other with 2 patch-cords.On vCenter admin configured 2 portsPort14-VLAN-1111-1114 VLAN trunk range: 1111-1114 Virtual Machines (4) ----! 3 ASAv Primary and FTDV-1 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
I've created a VPN successfully from a Cisco FMC managed FTD (v7.4.2.4) to a AWS VPN gateway, but am having issues as the IKEv2 phase 1 SA lifetime doesn't match. The AWS side always uses 28800 and I've configured a policy on the FTD to use 28800 se...
Running Cisco Firepower 1150 Series on 7.7.0 and we still have the high temp alerts.
Resolved! Breaking HA on 1150 NGFW Confirmation
I just need some confirmation on breaking HA on my 1150 NGFW. Unless told otherwise, the reason I have to break HA is to apply a Platform Policy. Everything I read says I should be able to, but FMC states since they are in HA I have to break them. So...
8 out of 13 Firepower Threat Defense devices joined FMC as having a Chassis. Some joined without it likely after upgrading to 7.7.0 however most of our FTD still have this bug when running 7.7.0. 1140's and 1150's. Our 1150's also have this bug. http...
Hello, I am preparing to migrate an ASA 5555-x failover pair to FTD 3105 and have a question before starting this migration. I guess I should add the new FTDs to the FMC before I start the migration tool, but are there any other reccomended pre-tasks...
Hi, We've got Cisco Firepower 1120, with standard tier licensing. Can I use that device for remote access VPN?We don't have Strong Encryption License purchased.
Hi everyone, I’m looking for some advice regarding a persistent connectivity issue we're facing with our CUCM 15 deployment. We have a cluster spread across two physical sites with a Cisco Firepower firewall at each site. Every 60 minutes exactly, we...
Hello, Is it possible to transfer firewall software from an existing 2105 platform to 3105? Thanks
Resolved! Managing FTD using FMC via IPSec
Hi Team, I have a FMC in US and there are FTDs in India, Currently the FTDs are communicating via MPLS from India to US. Can we configure a IPSec tunnles between India and US FTDs as Secodary Path. I am planning to set as Path monitoring. so If the p...
Dear Team, I have a problem related to BGP configuration. I have below topology: I want to run two BGP instance (two AS number on FTD): 1. BGP AS 49001, where FTD will establish iBGP with upper router 2. BGP AS 65001, where FTD will establish eBGP w...
