Hi Everyone, not sure anyone has experienced it (google doesn't give any hits for it) but I will try anyway. I want to use Firewall Migration Tool to migrate 3 contexts from ASA to a single instance on HA pair of FTD 3110s. This is supposed to be sup...
I am writing to request some information that would help me solve some problem in my university case study. I am particularly interested in learning about the following:The key differences between ASA firewall and cisco idsWhich one is more important...
hii use 2 ASA in Active/Active MultiContext mode .and i want add 2 another ASA to my network , and switch to active/passivemode without multicontexthow do i convert or migrate every context configure file in system context (.cfg file for every contex...
How do I configure an access control policy in Cisco Firepower Management Center to block large ICMP ping packets?
HiIn the ASA with firepower module, can we use fail-open command with "no monitor-interface service-module" ?Can it still detect fail status of firepower module with "no monitor-interface service-module"
I have Firewall model Cisco ASA5516-X Threat Defense with IOS software version 6.6.5.1-15 and ill do upgrade to IOS version Cisco_FTD_Upgrade-7.0.1-84.sh.REL.tar so i need help to get the correct steps to follow in sequence and also my question abou...
After our FPR-3110s failed over, I am looking for the failover reason. Where does one find this information? Currently running v7.3.1 on both the 3110s and FMCv.
Hello,I am looking to see the MAC address of a FTD interface that is part of a port channel.On the CLI all I can appear to do is run:show interface PORT-CHANNEL and it shows one mac address, not one for each interface. thank you
Hello Team,Managing my FTDs via FMC. Needed help to restrict ICMP on outside interfaces, but allow a few internal endpoints to PING them, for SNMP and other reasons.Once i do this under platform settings, ICMP is blocked to all, even on the permitted...
I have a requirement to bypass traffic inspection or whitelist ip addresses to allow pen testing to take place on our external IP address range. Previously achieved this using service policy on ASA's. With FTD's is the best option to use pre-filters ...
I used to work in a role where I used Cisco AnyConnect on my personal MAC to access my work VPN - this was years ago now. Following the uninstall process, everytime I restart my MAC I receive and "Attention Required" notification that says "Cisco Sys...
Community,In Firepower, is there a way to whitelist a specific IP address in the IPS policy so that the IPS policy does not inspect the traffic but where the IP is still subject to regular access control rules? A 3rd party wants to do external scans ...
Hi, We need to exclude the source IP address of our external vulnerability scanner, so it will not be blocked by the IPS.The point is to simulate external attacks without IPS protection.Adding an access rule on the top with no IPS inspection is not a...
Hello, Lately my company is having some issues with some users that have a common problem. The problem is that the FMC is seeing identities as the wrong users, users who aren't actually logged onto the computers (Windows 10). ISE logs show the correc...
Is there any plan to support ASDM on Windows server 2016 OS?
