Hello,I can't solve issue with failover outage.Setup:2x virtual FTD (ASA 9.9, firepower 2.3) running in failoverin DC1 (ESX-A) is runnig: FTD-1, SERVER-1in DC2 (ESX-B) is runnig: FTD-2, SERVER-2FTD is running transparent (bridge) modeNW design: [ESX-...
Forum Posts
Resolved! FMC verify Sip is not inspected
I'm running FMC 6.2.3.14 on 18 ASA devices.I have disabled SIP inspection on my ASA devices, but how do I do this in the firepower policies?I'm assuming the sfr policy on the asa routes all traffic through the firepower module, which means that firep...
HI,Basically we have two ASA 5525 version 9.9.2 with SFR Module version 6.2.13, So i need to Install the FMC on vmware EXSI, for centralised management and need to confirm that what will be the procedure to install and configure the FMC on vmware EXS...
Resolved! Firepower 9300 asdm issue
Hello, Does anyone know if the ASDM is handeled differently/automatically when deploying an ASA image onto a available Security Module on a Cisco 9300 chassi? The only ASDM file that is showing locally (dir) is "asdm.bin" without any version number i...
ASA5525 stopped responsive and was not accessible via ASDM, although it was accessible via SSH. And the issue was resolved after reloading the ASA. We noticed after reload there are numerous ‘FSCK0001.REC’, ‘FSCK0002.REC’ files etc on the flashcard...
Hi All , I have an issue with the site to site between 5512 and 5516 The site to site used to work .. but suddenly after a power outtage ...at the 5516 end the issue started .. we restarted all the fw accorss the sites .. not the 5516 will ...
Resolved! Geolocation discrepencies
Hi there,We're running FMC v6.3.04(44) with Geolocation update 2019-07-18-003. We have noticed that some IP addresses get identified by FMC as originating from the US, but many other online sources when queried for the same IP address show the addres...
Resolved! Bleichenbacher attack on TLS CSCvg97652
Our ASA 5512 with ASA software 9.8(3)8 was found being vulernable with the Bleichenbacher's Oracle Threat (ROBOT) vulnerability after scanning. IS there a new fix for this? I thought the fix should already have been applied in this ASA version. If n...
%ASA-6-106015: Deny TCP (no connection) from xx.xx.xx.xx/sp to yy.yy.yy.yy/dp flags RST on interface insideHi, I am getting the above message on syslog.Wat cud be the potential issue.Is it with my ASA or with the destination server?There is an alllow...
This is the link that I am referencing: https://software.cisco.com/download/home/286259685 Below is the screenshot...Where do I find this number (1000,2000,2500,4000,4500)?
Resolved! FTD Policy previously applied.
I applied a new policy to an FTD, but now I need to know which policy was previously applied. I searched system> monitoring> audit but could not find the information. Does anyone know where I can find this information?
Hi, Setup:Cisco Security Manager 4.14 Build 78 SP2ASA 5585 (multiple context mode)ASA v9.6(2) Problem: I am trying to implement rules for all Interface (global ACL); however, when I do a detect out of band changes on the CSM I get an error stating th...
Yesterday I tried to set a DMZ on Cisco ASA 5525 And i have a server in DMZ already with 192.168.10.20 I have also a public IP of 154.72.196.42 from my ISP So when i hit the ISP IP via internet to access my web server in DMZ it gives me an erro...
Hi, We have FMC 6.2.3 that is constantly showing high memory utilization. It is installed on VMware with the minimum requirements.It is controlling two ASAs with not much traffic passing through them. Output from top Mem: 7508840k total, 6830632k us...
Hi, i have a customer with two virtual FMC appliances which obviously dont support native HA, and the underlying hypervisor also doesnt have any failover mechanisms, and will never have this. As a workaround i thought about using the RestAPI with Pyt...
