I need to know what is the maximum fo ACE (ACL entries) into the Firepower 2100. Could someone help me?
Forum Posts
HiI've previously had problems with 5512-Xs running ASA having an ACE limit of 100K. Is ACE a relevant limit for 5516-Xs running FTD 6.4.0.4? What about FTD 2110? I've read somewhere the limit is 200K for ASA 5516-X running ASA code but nothing speci...
Hi Team Quick question please , if I have a customer running ASAv and they want to run service reflection , is this supported , I cant find it anywhere in the config guides ? Thank you Julia
Hi,I am facing an issue with URL filtering vs IP Address filtering rules, as the title suggests. Let me elaborate more on the issue:We are using ASA with Firepower Services, managed through an FMC. The two rules at the top are the following:1. Source...
Hello all,Just want to bounce this off you... Today during an upgrade of a server I changed the physical server with a new server. Same IP address and an updated version of Zimbra mail. However, after I moved to the new server (Centos7) I am unable t...
On my 5506-x I manage firepower with the ASDM. Im trying to update the rules because they have never been updated. when i navigate to Configuration>ASA firepower Configuration>Updates and click Download Updates it says "Download updates failed: Un...
Hi all, I have a question about a scenario for which I could not find a detailed answer in any Cisco documentation.- Let's say we have an FTD device managed by FMC.- We have AnyConnect set up, being authenticated via LDAP (AD) with a set-up Realm.- U...
As it is right now I block all STUN traffic. However there is a legitimate use case for it. What is the recommended secure way to handle STUN traffic. Can it be man in the middle-ed like SSL or are there other options to securely inspect the traff...
Can someone please confirm if the Firepower user agent 2.4 supports TLSV1.2? I disabled TLSV1.0 in my Windows Domain Controller 2016 and I'm not getting any mappings anymore, thank you.
Hi,We have Virtual ISE Installed and Looking for Its licensing.I can see ISE-VM-K9 in UDI Information. Is this ISE or ISE PIC and what licenses I needs.Are the licenses free or paid.
Resolved! Deploying FTD Data Center Firewall
Hello,We are working on a solution over deployment of Cisco FTD, F5 Load balancers and Nexus 9K Switches ( DC Core) with following interest: - To control and inspect the traffic from between users and servers.- To isolate the public facing web serv...
Hi. Is there any equivalent to the CISCO IOS archive? Something like: archive log config logging enable logging size 200 hidekeysnotify syslog contenttype plaintext path scp://user:pass@1.1.1.1/$h-$t write-memory
Hello We are deploying a new core 9696 with access sw inside DC, want to deploy:-Integrate new switches with ISE-Use 802.1X for wired/wireless users What are the steps, do we need to config AAA on the switches also or ISE auth is enough. Any templat...
Hello , I don't know how to activate encryption 3des-aes on an ass 5520. it has plus licence activated. But I can't deploy sshv2 neither aes for https and for vpn too. Any one whoo may help me about this issue please. I attached a screenshot of show ...
Hello, I would like to know what he process is for upgrading a site in FTD from a 5506x to a larger appliance. We're planning to add more bandwidth and will likely need more capable hardware. I'm hoping I can just migrate my settings to the new dev...
