Hi, the CSO of our Company note that the Password localy saved in Firewall configuration are saved with a md5 hash. Serveral sites at the Internet provide the possibility to decrypt passwords encrypted with those unsecure hashing algorithems. Firmwa...
Forum Posts
Resolved! ISE and VM Hardware compatibility
We have 1 PAN node, 1 M & T node and 2 PSA nodes on vm. My VM manager wants to know the following: VM Hardware Compatibility Upgrade Available On VM: ESXi5.1 and later (version 9)On Host: ESXi 6.7 and later (Version 14)Upgrade to match Host Can thi...
Resolved! Upgrade FTD on ASA in HA
Hello Community, I need good advice to update two FTDs on ASA 5525X in HA from FMC1) do you need to break the HA to update them one at a time? so there is no effect on the service?Or is this process handled by the FMC without breaking the HA?I await...
Resolved! Cant configure interfaces on new FR1010
Hi There,After accessing a new FR1010 from cli, I entered what I thought was the configuration so that I could place the management interface on our network. However my config sits on management0? Which doesn't seem to be a physical interface and whe...
Hi, I want to create IPS Reporting on FMC but cant see any data under any available templates. I wana to create standard Intrusion Report for all kind of Intrusion events. Plus I can see IPS events in Dashboard Summary but None of them reflected in r...
As per the linkhttps://www.cisco.com/c/en/us/products/collateral/security/asa-firepower-services/eos-eol-notice-c51-743545.html#Productmigrationoptions The migration solution for the ASA5525, ASA5545 & ASA5555 is the Cisco Firepower 2100 Series Appli...
hi,i can't seem to issue 'failover exec mate' commands from primary ASA FW and i can only SSH to the secondary FW using the 'local' username and not via ISE/TACACS.the 'show failover' output seems fine and i can ping each other's failover IP and ping...
I Have firepower2100 with smart licence activated. I would like use VPN remote access, my problem is Export-Controlled Features is disabled. I opened case in cisco team, they recommded me to use 3DES-AES license .. I have Two question : 1-i just hav...
Hican anyone point me to a detailed Document for backing up our FMC/FTD's to a remote location i can see the options of NFS/SMB/SSH I have tried creating a NFS backup but I get a failed to mount error, any help would be great. Thanks
We have Cisco 3750 switches throughout which we want to implement mac filtering. Is it possible to setup mac filtering to retrieve its allowed list from an external source. The reason is so technicians who dont understand Cisco can maintain the acces...
Resolved! Please help!
Hi Everyone, There are 3 tunnel-groups i have setup as attached. Because the AnyConnect VPN is for mobile users, and i want the end-user experience to be as seamless as possible. Is there a way that i can "pre-select/choose" the "City Of Sydney" fo...
Hi guys,In order to reduce the amount of policies that I need to configure on my security router, I'd like to be able to reuse policies for multiple zone-pairs, including for the self zone.But if I configure a zone-pair that includes the self zone, a...
I'm currently evaluating a Cisco ASAv in Azure. Right now, all that I am evaluating is client vpn using Anyconnect. When connected, I need it to be able to access resources in Azure as well as on-prem. So far I have it setup to access the Azure part ...
Hi, We Have FMC 1000, version 6.2.0 and IPS - FP7115-K9, version 5.4.0.1. Unable to deploy IPS in FMC due to version incompatibility. So i we suppose to upgrade the IPS version to 6.1.0. As a initial step, we tried to install 5.4.0.2 patch in IPS via...
I am a firewall newbie so please excuse my ignorance. I need to open some firewall ports to setup a Barracuda web filter. Do I open ports under NAT Rules in ASDM 7.9 or some other place? Thanks for any guidance, I really appreciate it. Here are the p...
