HiWould having static routes on an ASA with the same IP but with a different subnet mask present any issues?For example:192.168.0.0/16192.168.2.0/24From what I understand it wouldn't present an issue because although they may have the same IP, the su...
Forum Posts
I frequently receive logs from my ASA that indicate random IP addresses are trying to establish a VPN tunnel with it: ASA-4-713903ASA-3-713902 Possible unexpected behavior of a peer occured (e.g., loss of connectivity). Group = DefaultRAGroup, IP = x...
Hello, After upgrading a coupple of FMCs to version 7.4.2.1, we noticed that the "Initiator Country" on the connection events page no longer show any data. We tried to manually update the GeoDB file, but we still not seeing any country information. H...
We are planning to move the Cisco FMC server from the CentOS KVM server to the Ubuntu 22.04 KVM server. Does anyone have any document for same. Additionally what are the precaution need to take to address this
Dear all,how can I change the chassis name on FirePower-1120?firepower-1120 /system* # set name FirePower-1120Warning: System name modification changes FC zone name and redeploys them non-disruptivelyfirepower-1120 /system* # commit-bufferError: comm...
I have Firepower Management Center (FMC) 2600 managing Cisco Firepower 4150 (which will be end of life by August 2025) and my employer has purchased the Firepower 3140 as the replacement. I talked to Cisco sales a few months ago and they said the mi...
We are in the process of setting up a Hybrid Cloud/ On-prem Exchange environment. We can successfully connect over port 443, but when we try to send emails over port 25 we are getting a SSL Block. We are using the Decrypt - Known Key rule set up usin...
hello I am working on an ISE v2.7 to v3.2 upgrade /migration I have staged a VM with a v3.2 build I am trying to understand the timing of the handover for example if I restore the production configuration & install the certs from v2.7 to the v3...
I have traffic flow like shown below -A Microsoft public IP > a public IP on our DMZ firewall on prem > NAT > an private IP on prem.Is it possible to configure FW to forward traffic as shown below?A Microsoft public IP > a public IP on our DMZ firewa...
Resolved! FMC Policy Export
HiThe Cisco Doc for the Policy import/export says the below, Does this mean just the FMCs should be on the same version and the FTD can be on a different version ?? (The importing and exporting appliances must be running the same version of the Firep...
Hello, community!I'm using FTD1010 managed by FDM with latest FW 7.4.2-172. I'm getting unexpected behavior with the box, that passes traffic however it should not do so.I configured 2 rules with logging:I configured SSL Decryption to match this traf...
I recently upgraded to 7.4.2.1 and learned about CSDAC and am happy this is being addressed. Is it possible to apply these attributes to RAVPN split-tunneling? This would be very useful over the existing Custom Attributes.
I have a problem with a URL list in the FMC. I have created a URL list object there. I have saved the URLs in a text document and uploaded them to the FMC. So far, all URLs that I have stored there work. I can also see in the unified events that the ...
ASA 5580,系统版本是8.4(1),现在配置failover时,inside的接口无法启用lacp协议,两端都是active,对端交换机配置port-channel,debug发现有lacpdu报文发送,但是在ASA这边没有收到,同时asa也没有发送报文,导致port-channel一直是down。网络拓扑如附件。现在是9.1连接cisco 7010交换机的10/5口作为port-channel接口,不知为什么,port-channel接口始终无法协商lacp成功,两端均为active,但...
| User | Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 2 | |
| 1 |
