Network Security

Resolved! MALWARE-CNC User-Agent known malicious user-agent string AutoIt

Hello Who could tell me how to be sure whether this IPS event (MALWARE-CNC User-Agent known malicious user-agent string AutoIt ) is false positive. I get this notification very often. Device : firepowerTimestamp : 2020-03-30 10:18:53Protocol : tcpAle...

Resolved! TFTP ASA Image

Current error I'm getting, not sure why.ciscoasa# copy tftp flashAddress or name of remote host [10.0.0.220]? 192.168.101.150Source filename [asa917-32-k8.bin]?Destination filename [asa917-32-k8.bin]?Accessing tftp://192.168.101.150/asa917-32-k8.bin....

891 does not display running config below privileg level 15

I have numerous routers deployed in my network. These are a variety of 4331, 4321, and 891. I have set them up with a privilege level 5 login so that network technicians can view the running configuration, view interfaces, and do basic troubleshoo...

Resolved! Cisco ASA 5545 Boot Image Priority

Hi All,One quick question. Let's say we boot 2 images on the boot system like the following vpnb# sh run bootboot system disk0:/asa943-smp-k8.binboot system disk0:/asa941-smp-k8.binvpnb# If the first image fails/or if it's corrupted while booting th...

Resolved! Change which image is booted on an ASA5510

Hello, I am wondering how to change which image is loaded by default on an ASA5510. I have two image files stored in the flash memory on disk0:/ but need to change which one is loaded on boot. I used the command "boot system disk0:/asa722-12-k8.bi...

Resolved! Nat and Redirect several ports in one command

I was wondering if I can combine these two commands into only one command? if it's even possibleessentially I just need to redirect one port and everything else doesn't need redirection just being forwarded object network PRTG_RDP host x.x.x.240 na...

ASA 5505 does not boot into rommon mode what should i do?

Doubt regarding default webvpn and default RA group

We have a config where we have not enabled specific tunnel- groups for the users to elect when they log in the anyconnect client. This should mean that when I log in the anyconnect app with my username and password I will be placed in the defaultRA...

FireSight PIX Shun Remediation Module Error

In my previous post, I was able to successfully load the PIX remediation v1.1 module into FMC running 6.0.1. I have since tried actually running the SHUN remediation against two firewalls, but am running into an error, and I'm hoping someone on the b...

Resolved! FMC/FTD list of RA VPN sessions

Hello. We have a redundant pair of FTD 2110 managed by a virtual FMC. RA VPN users connect to the FTD using AnyConnect. They are authenticated using a RADIUS server.We need to have a list of RA VPN sessions: at least username, login time, logout time...

Resolved! Upgrade SFR Module from 6.2.2 to 6.2.3 on ASA5525-X

Hello,I'm attempting to get our SFR module on a ASA5525-X upgraded from 6.2.2 to 6.2.3. I downloaded the Cisco Network Sensor Upgrade (v6.2.1 and above) Version 6.2.3-83 as directed by the Cisco downloads page. I uploaded the file to our FMC (v6.2.3...

High CPU from process SFDataCorrelato

Hi, we have 2100 FTD with fmc, and we find sometime just one CPU like CPU02 100%, the other just 12%. with "Top" command we find this process "SFDataCorrelato" do the high CPU...why? what the job about this process? should I worry about this? Regard...

not login to Rest API ASA5525-X

HelloI'm trying to start using a REST API. I just can’t log in at https:10.78.8.3/api/objects/networkobjectsconstantly logs "%ASA-6-113015: AAA user authentication Rejected : reason = Invalid password : local database : user = asaadmin1" Hardware: ...

ASA 5506 AnyConnect VPN Session logs

We have an ASA 5506 v9.10 configured to allow Cisco AnyConnect VPN connections for any user within AD that is a member of the VPN security group. Although I can monitor live VPN connections using the ASDM (7.13) I need to be able to view VPN session ...

Python for Network Engineers course

We periodically run a free course on Python for Network Engineers (about once a quarter) and that time has come again...so we will be running this course again starting on Tuesday, Sept 3rd.The course is fundamentally about Python, but told with a ne...

Network Security

Forum Posts

Resolved! MALWARE-CNC User-Agent known malicious user-agent string AutoIt

Resolved! TFTP ASA Image

891 does not display running config below privileg level 15

Resolved! Cisco ASA 5545 Boot Image Priority

Resolved! Change which image is booted on an ASA5510

Resolved! Nat and Redirect several ports in one command

ASA 5505 does not boot into rommon mode what should i do?

Doubt regarding default webvpn and default RA group

FireSight PIX Shun Remediation Module Error

Resolved! FMC/FTD list of RA VPN sessions

Resolved! Upgrade SFR Module from 6.2.2 to 6.2.3 on ASA5525-X

High CPU from process SFDataCorrelato

not login to Rest API ASA5525-X

ASA 5506 AnyConnect VPN Session logs

Python for Network Engineers course

about FTD-V

Unable to edit and save a text object

CSCwo71835 - The NAS-IP-Address attribute is missing

FMC API to get real time VPN/S2S tunnel and CPU/Memory perf metrics

Firepower 2130 -how to resolve plugin 70658 SSH Server CBC Mode Cipher

SSH with X509v3 certificates

FPR‑4145 EOL/EOS ?

Firepower 4125 - how to resolve plugin 157288,

Cisco FMC QoS filtered by application

Disable checking of SIP traffic on FTD via FMC