Network Security

Hi all, Would someone be able to confirm that by re-imagine an ASA to the FTD image that all aspects of the ASA will be able to be managed via FMC. As of version 6.4 are there are noticeably ommisions from the ASA running the FTD image or items that ...

Dear all. do you recommend to enable "HTTPS Certificate-Enable Client Certificate"?if you say yes, which option I have to use?   

Hello everyone,I have problem to give internet access to a specific host from the ASA, I have a static NAT from host x.x.x.x to the outside interface and I also have an acces-list  permit the host x.x.x.x to any ip. But the host still not going to th...

can someone told me what is the difference between SFR and IPS module ?  

Hi guys, I have upgraded an FMC 2500 from 6.4.0.4 to 6.5.0.2 and the performance in unbearable.Neither the admins nor the analysts can work efficiently due to low response of the system.I have a new warning notification alerting me about the size of ...

Good MorningMy team recent received ASA 5506.  I'm currently in the process of setting one up for scanning and ran into some issues.  I can not get the thing to pass traffic.  I can piing the inside  from the inside network and outside from the outsi...

I used to be able to view the "ASA FirePOWER" tab on the bottom left hand side of the Configuration once I log in to ASDM however, now it disappeared. I cannot see the 3 tabs anymore (see attached). I can still log in to the FirePOWER using putty and...

My firewall has configured for 3 iPs1- for 0 port 10.80.xx.xx2- for 1 port 10.80.xx.xy3- for firewall itself 10.80.xx.xzBut i am able to ping from other ips also why?  Can we asign more iPs to 1 port of firewall to allow more iPs to data access

Dear all, Dynamic reverse route injection (RRI)  is available for IKEv2 policy-based IPSEC VPNs (static crypto maps).  However with IKEv1 it is only possible to configure static RRI. Does anyone know what we could do on IKEv1 (with static crypto maps...

Hi, I have a bunch of 5525-x running 9.8.2.20 and starting to upgrade them, the first thing I do is update the ASDM version & check it works.  So when I enable ASDM 7.13.1 as the current image, it works, says it needs to upgrade the launcher on my PC...

So on our routers I can do a "show policy-map interface gi0/0", and it will tell me the current QoS usage on that interface with our policy. Is there a way to do that on an FTD? Attached is a picture of the QoS policy we have for our guest subnet at ...

Hi Guys, Im replacing an ASA 5510 which is currently acting as the secondary in a failover setup.Cisco has recommended me with ASA5516.Is there any need of additional licenses to be purchased along with AASA 5516 ? This is my current licenses in the ...

Hi Experts,  We are configuring SNMP on our Firepower-2130 from Firepower management Center(FMC) GUI for Integration with NMS tool. --> Configured SNMP receiver (i.e. NMS Server IP) , SNMP Version : 2 , TRAPs, Assigned a Interface as well.All details...