Network Security

Resolved! Firewall ASP Drops

I was wondering if it is normal to have millions of drops for the below asp drop. I have a situation where an internet firewall has 34 million over 5 days. I have multiple other firewalls that have a lot less traffic on them and they do have millions...

ASA-AWS - NAT Translation issue

ASAv Version 9.6(4). After a reboot of the EC2 instance, the ASAv looks like it comes up and is working correctly, but nothing gets routed and the NAT translation doesn't appear to work. Doing a show xlate only shows the NAT object definitions but ...

S2S VPN issue

Hi everyone ,I have a topology there are 2 firewall at my side ASA1 (Internet firewall) and ASA2 (Internal Firewall ) , ASA1 mange by other one . 3rd party wants to make VPN with ASA2 .we have a public ip (205>xx.xx.xx) witch is provide by ASA1 mana...

FMC VMWARE OVA Snapshot or Integrated Backup

Is it ok to run a snapshot for the FMC VM? It seems that if I were to take a snapshot the log file would continue to grow rapidly due to all the database writes pertaining to connection, host, discovery events etc If completing a major version upgra...

Resolved! ASDM

Dear all, something is string for me once i make changes or make new ipsec tunnel its working fine but the parameter for other which is already exist also changed automatically ,i attached the picture once i make the new one automatically changed for...

Resolved! ASA5516-X feature licensing

Hi, I don't normally specify security products and would welcome clarification re the below in reference to the ASA5516-X with Firepower (ASA5516-FPWR-K9) 1. In a HA (active/standby) deployment is it mandatory that I need to purchase a L-ASA5516-TAMC...

ASA Failover downgrade from 8.4.2 to 8.2.5

HI Everyone， We want to do a downgrade for our ASA, they are working on Failover A/S mode. I am not sure about this operation.What should I do? Is there a detailed step? Does the implementation of this downgrade process require a transition to an int...

Creation of Prefilter -FMC

The affected device uses the same base access-control policy (and same pre-filter policy) as all our other inline firewalls. Where we have sites that need additional rules, we create a child policy that inherits from the base access-control policy. I...

Migration challenge from CISCO ASA to FTD

Hi All, Can we copy & paste rules from one policy to another in FMC ? I am in middle of a migration where we are using FMT tool to migrate rules however we are facing lot of issues. Every time we run FMC, it creates a new policy however we want to cr...

Resolved! Disabling SIP

Hi, I need to disable SIP in my FTD. However, I don't have the options to issue the below command configure inspection sip disable . I only have the below: audit_cert Change to Audit_cert Configuration Modeconfigure C...

Resolved! ASA 5585 How to Check IPsec(IKEv2) IP bindings?

Hi, I have a firewall that is setup to connect to outside devices via IKEv2 vpns. I need to find out how many connections have been made and how many ip's are leased from the Firewall? Any help on this would be greatly appreciated. Thanks

Cisco 5505 asdm 5.2 ASA V. 7.2(3)

We are trying to configure our Cisco for SIP but after opening all the requited ports we do not have audio. We can call extensions from different locations, just can hear each other outside of our location. The IP phones in-house we can call and hear...

ASA spoofing

I have a rather stubborn occurrence. I keep getting: Deny IP spoof from (10.87.88.1) to 10.141.36.60 on interface inside. This is connected via VPN. 10.87.88.1 is the VPN Termination point. It is a site to site connection. The 10.141.36.60 i...

Cisco C-20 HD license key | end-of-life

Hi everyone We recently purchased 4 x refurbished C-20 codecs for our distance learning program with our satellite campus. Our original C-20 performance were beginnning to slow down.We have been using our Cisco Telepresence appliances for almost 10 y...

Cannot SSH on FMC 4500 after upgrading to 6.5.0

Hello, After upgrading our FMC 4500 to 6.5.0, we can no longer SSH into it.Here are the symptoms:1. Before upgrade, we could successfully use Putty and SecureCRT to access CLI via SSH2. We are trying to use Putty and SecureCRT and neither emulator is...

Network Security

Forum Posts

Resolved! Firewall ASP Drops

ASA-AWS - NAT Translation issue

S2S VPN issue

FMC VMWARE OVA Snapshot or Integrated Backup

Resolved! ASDM

Resolved! ASA5516-X feature licensing

ASA Failover downgrade from 8.4.2 to 8.2.5

Creation of Prefilter -FMC

Migration challenge from CISCO ASA to FTD

Resolved! Disabling SIP

Resolved! ASA 5585 How to Check IPsec(IKEv2) IP bindings?

Cisco 5505 asdm 5.2 ASA V. 7.2(3)

ASA spoofing

Cisco C-20 HD license key | end-of-life

Cannot SSH on FMC 4500 after upgrading to 6.5.0

VPN with Alias on FTD

FMC/FTD remote access user not found using DUO SSO

CSCvr64208 - ASDM launcher v1.9 not applying proxy rules

How changes time zone cisco FTD firewalls UTC to IST

Cisco FTD local login syslog

FMC Security Intelligence - logging only

Firepower 1010 registration

IKEv2 - CVE-2025-20182 - Denial of Service Vulnerability

FTD 7.4.2.2-28 Site to Site VPN Flow is denied by configured rule

No proposal chosen on FMC managed FTDv - any helpful debug commands?