Like the title says, I am looking to setup a connection to an endpoint, but, with connectivity via 2 x IKEv2 tunnels (I've only even done single tunnels). It appears to me that if we set them up in paralell, we would run into all sorts of NAT issues ...
hi need some help with configuration of this firewall i already use the basic configuration and it doesn't let anything pass through . the network in the top is the outside and the one on the bottom should be the outside. I don't know if I have to ch...
Dear All My Friend, i have ASA5516 with firepower services and Virtual Firesight Management (2 license VM). if i order SmartNet (CON-SNT), this is included for Software Upgrade Firesight ? if not, what is main SKU we must order to extend Software Up...
Hello, We cannot access ASA mode on new equipment received from Cisco (RMA) Here's what we have: firepower# connectftd Connect to FTD Application CLI asa mode does not appear firepower# sh versionVersion: 2.12(0.519)Startup-Vers: 2.12(0.519) Here ...
Firepower 1010 doesn't forward data over port 1/5 after successful upgrade from 7.2.5 to 7.2.6. It does see MAC address of a directly connected router but can't PING it. It can PING its own IP address on the port 1/5 though. It seems it can only IP c...
Hello Guys,I have a question related to logging on Firepower. We have two option to configure it, first via Platform Setting, second via tab in Access Control Policy (this tab is near Security Intelligence, HTTP Response etc.) Question is: What is di...
I was looking thru FMC connection event log and found an odd entry. There is a traffic flow from outside to inside that looks normal except for random times when the interfaces are flipped? Does this mean anything or is it just a cosmetic bug? Note...
Hello,I have a major problem with our Firepower infrastructure comprised of an FMC (7.6) and 2 FTD's in HA. No matter what, after I create an initial policy and apply it to the FTDs, when modifying a rule, say from Allow to Block, and fdeploy, the co...
I am getting ready to perform a migration for my vFMC. Currently, our FMC is licensed for 2 devices. We are currently adding a third firewall so we need to create a new vFMC with the new license. According to our rep we can't just add the new license...
Hi Team,I'm looking for a Cisco recommended design for deploying & integrating FTDv FW pair with AWS Transit Gateway. Design Considerations -The 2 firewalls need to be deployed in a separate AWS VPC with 2 availability zones. And traffic failover sho...
Hello Everyone,I am currently experiencing network latency issues on the transit link between the ASA Core Firewall and the Edge Firewall, which is using the IP range 172.12.1.0/30.The connection from the Edge Firewall to the Internet is functioning ...
I am migrating 2 ASA and 1 FTD into a single FTD managed in FMC. I have created 3 VRs on the FMC and after migrating the first configuration across I am attempting to change the inside and outside interface from that configuration into its correct VR...
I was wondering if this would work. I need to move our FMCv from its curent hypervisor to a new one. I was thinking the easiest way may be to create an new FMCv on the new hypervisor and make sure it matches the version of the current one. The new FM...
imagine basic asa setup with two outside interfaces, two providers, and one inside interface. I have route map that route traffic from one inside ip to provider 2 and default route to provider 1. If I implement reverse path check, asa uses routing ta...
I am currently using Cisco Firepower Management Center (FMC) and would like to collect logs that include detailed information about users' requested URLs and send them to a central syslog server for analysis.Here are my specific requirements and ques...
