As it is right now I block all STUN traffic. However there is a legitimate use case for it. What is the recommended secure way to handle STUN traffic. Can it be man in the middle-ed like SSL or are there other options to securely inspect the traff...
Forum Posts
Can someone please confirm if the Firepower user agent 2.4 supports TLSV1.2? I disabled TLSV1.0 in my Windows Domain Controller 2016 and I'm not getting any mappings anymore, thank you.
Hi,We have Virtual ISE Installed and Looking for Its licensing.I can see ISE-VM-K9 in UDI Information. Is this ISE or ISE PIC and what licenses I needs.Are the licenses free or paid.
Resolved! Deploying FTD Data Center Firewall
Hello,We are working on a solution over deployment of Cisco FTD, F5 Load balancers and Nexus 9K Switches ( DC Core) with following interest: - To control and inspect the traffic from between users and servers.- To isolate the public facing web serv...
Hi. Is there any equivalent to the CISCO IOS archive? Something like: archive log config logging enable logging size 200 hidekeysnotify syslog contenttype plaintext path scp://user:pass@1.1.1.1/$h-$t write-memory
Hello We are deploying a new core 9696 with access sw inside DC, want to deploy:-Integrate new switches with ISE-Use 802.1X for wired/wireless users What are the steps, do we need to config AAA on the switches also or ISE auth is enough. Any templat...
Hello , I don't know how to activate encryption 3des-aes on an ass 5520. it has plus licence activated. But I can't deploy sshv2 neither aes for https and for vpn too. Any one whoo may help me about this issue please. I attached a screenshot of show ...
Hello, I would like to know what he process is for upgrading a site in FTD from a 5506x to a larger appliance. We're planning to add more bandwidth and will likely need more capable hardware. I'm hoping I can just migrate my settings to the new dev...
I have configured a cisco firewall asa(in packet tracer) to allow only modbus tcp port 502 to go though the firewall from 4 inside client (172.16.0.1-172.16.0.4) to outside server by writing acl and then auto natting.Is this configuration correct??...
Resolved! ASA5506 New VLAN for Guest WIFI
HelloI need to create new VLAN02 for guest WIFI and set up some rules to restrict access to some IP address.My ASA5506 is in BVI mode.The current ASA interfaces are like this;BVI1 – insideGIG1/1 - outside -GIG1/2 - inside_1 -GIG1/3 - inside_2 -GIG...
Team,I am struggling while configuring ASDM with my cisco firepower 2130 firewall it is on ASA mod. My firewall is on 10.1.2.0 subnet and I am setting in the subnet which is 10.1.57.0 right now I am unable to access my firewall which IP addresses are...
Hi, While I was upgrading FirePOWER from 5.4.1 to 6.0.0 there was a power outage, and the upgrade didn't complete. The module became unresponsive (it's status from ASA CLI) until I had to shut it down, reset it, then reload it. Now I can access ...
while sending a file to particular target, if the file size more than 250 KB. The firepower is blocking. I found a similar type of bug CSCva18960, suggested workaround is to disable the preprocessor rule for that particular traffic and I did the same...
I get this message now when I add a new user for in the local CA server. Is Cisco removing the local CA server completely from the 5506-X?? WHY?
Hello, What command would I run on an ASA to show the encryption domain(s)? Regards Troy
