Hi I want to bypass SSL decryption for few websites like Google, Apple, YouTube using DNs. How can I add that if certificate issued to Organization is Google LLC then do no decrypt? I tried O=Google LLC, didn't worked. I tried CN=*.google.com didn't ...
Forum Posts
Hello, we have two internet connections terminated on our 5506-X FTD managed through our FMC. Connected to our FTD is a Cisco 4331 router we are doing a DMVPN connection over the primary internet connection to our corporate HQ. The tunnel source inte...
Hello All,i have recently installed two FTDs and they are working as HA, the FTDs manged by FMC and will go live today but when i want to deploy something from the FMC and i cannot see the devices or the HA peer on the deployment tapt, this is just h...
HelloI am about to migrate a Cisco ASA (Active Standby Cluster) to Firepower.My ASA Cluster has L2L VPN Tunels (Policy based and Route Based) and Extended ACL's applied to different interfaces for Multiple Clients Traffic.I am looking for Best Practi...
Resolved! Cisco Firepower 2130 Threat Defense
I have the new generation firewall Cisco but I have two questions?a) Is normal that the deploy is too slow ?b) How to monitor VPNs? The versión IOS is 6.5.0. thanks for you help me!
Hello, Do anyone have documentation on how to configure a firepower 4300 FTD as a SDA fusion firewall? Thanks
Hello,I have noticed that suddenly all the Source Fire Connection Events not showing/recording.If i try to expand the time window i can the last data shown will be since 03 Jan 2020I have changed the Maximum Connection Summaries in Database settings ...
Hi All, Would like to get recommendations from you on ASA Security level and traffic flow. Have two scenarios. 1) ASA Firewall with Three Interfaces. Interface Gig0/1 : Outside (Security-Level 0)Interface Gig0/2 : Inside (Security Level 100)I...
HelloWe just installed an ASA 5516-X to productions as an east/west routed firewall. It is Firepower Threat Defense 6.4.0.4-34 managed by onboard Firepower Defense Manager.The DHCP server is 192.168.5.21The inside of the ASA is 192.168.5.1The outside...
Hello, Hello, we have a topology similar to above. The ASA has a private AS of 65001, and is using the local-as 2322 and and remove-private-as BGP parameters, but the router is still seeing the private AS, 65001 when you type show BGP. Is there a co...
Hi,I am looking to upgrade 2 x FTD 2130 and vFMC to 6.4.0.7 from 6.3.0.2 this week.Am I ok just going straight to 6.4.0.7 or should I go to 6.4 first? Anyone had any issues with .7? It was advised at Cisco Live this week that we get all of our Firepo...
Hi, We have Firepower FMC 6.4 as RA VPN device and Cisco ISE 2.3 as radius server. We have one connection profile and different group policies on Firepower. We want to use different group policies for different AD groups. on ISE we have configured AS...
Does anyone know if there is a way to successfully get a credentialed scan on the FirePower module of an ASA 5516? I just recently had a CCRI (Command Cyber Readiness Inspection) and the auditor stated that I should be getting credentialed scans on...
Hi, I'm evaluating the Cisco Security Manager ver 4.14 installed on a vm-ware machine with windows 2012 64bit with us-english locale. There are two kind of problems: during the installation some of the MS-KB requested cannot be satisfied , eit...
Resolved! FMC HA 6.2.3 to 6.4 Upgrade
Looking at upgrading from 6.2.3 to 6.4 on our FMC 4500s - which are configured for HA. For other minor upgrades we just pause the sync - upgrade the standby - upgrade the primary - and resume the sync. Any experiences with doing similar upgrades - i....
