Network Security

Hi All,I am new to working on Cisco Firepower and was looking for guidance on the following:I need to create an access rule to allow access to the Office 365 services.I have all of the domain names required to add to the rule e.g. *.office.com, *.sha...

Hi, I have two 5512 ASA's. I did configuration that FW-2 become Active and FW-1 become Standby. But when I power on the devices always FW-1 become Active. I checked the "show failover state" command I saw that "Ifc Failure" reason. But I check the mo...

Hi, Hi,   I'm planning to upgrade my cluster of ASA from 9.7(1)24 to 9.10.1.   I wanted to know if someone already has done this upgrade ? is there any point of vigilance?   Also i have VPN and hostscan profiles on the ASA , can they be upgraded dire...

Hello,My remote IP is 200.20.x.x network each private IP is nat inside with a public IP address into my core router. From my core, I was able to ping all the remote sites 200.20.x.x but unable to ping the public IP's. From my remote, I was not able t...

Hi All, Anyone was successfull in installing IPS 7.0 on GNS3? I was able to get 6.0 working but 7.0 keeps producing errors like "Connection refused: Network error". I tried with different windows 7 and 8 machines but the same thing happens. If anyone...

Hi, I have two 3850 switch in stacking and uplink from each switch will be connected to Meraki MX65 for redunancy. As I know Meraki doesnt support port bundeling so can I give same IP Address to both ports of Meraki connected to 3850 switch, so if 1 ...

Hi friends, on a freshly installed FPR 4110 (2.4(1.222)), traceroute (as a command) doesn't work: PJFPR# connect local-mgmt PJFPR(local-mgmt)# traceroute 8.8.8.8Invalid parameter in , allowed characters are: a-zA-Z0-9. /:@_[]~-PJFPR(local-mgmt)# Any ...

Is 6.2.3.10 supported on a 5506 running 9.9(2)? From the documentation it seems to be, but I'm having a hard time upgrading from the base 6.2.3 to 6.2.3.10and I didn't notice any intermediate image being required. I've tried the upgrade twice and eac...

Hello team, I'm asking if i can create a file policy that inspect files through encrypted tunnel ssl/TLS communication. regards Ahmed

Hi, I am not sure whether or not this is the appropriate location to ask questions about AMP but, I was wondering when would the "Simple Detection" feature ever be useful if AMP already knows a specified SHA is malicious. Would it be useful to turn i...

There's a good chance I'm doing this wrong, but when I try to forward more than one port on my FTD box, it gives me the following error:   Here's the current rule in CLI:   nat (LAN-Side,ISP-Side) static interface service tcp ssh ssh Any idea why i...

Hi,I found documentation that ssh login should be able using x509 certificates. At least in NX-OS. But I did not find any documentation HOW this can be configured. Does anybody has a hint for me, where I can find more documentation about this? Is it ...

Hi guys, one of my customer's complains about a popup in the ASDM. When he open ASDM it appears a popup (see the image in attachment) that lasts for minutes. If he refresh the page this popup reappear. The only things to make it disappear if he click...

Hi experts! I am feeling really humble as I have been troubled with this for several weeks.  We updated our domain controllers and this necessitated re-implementing our PKI certificate authentication to our LAN.  We have a semi-closed LAN, but allow ...