Network Security

FirePOWER User Agent and dual stack IPv4+IPv6

I wanted to implement FirePOWER rules based on AD groups so I installed and configured the FirePOWER User Agent. But it seems like the dual stack network ruins this solution, the AD authentication that is picked up by the User Agent and sent to FireS...

FTD Device certificate and FMC

I have a FTD 9300 already added to FMC.I need to change the device certificate but I am struggling to find in the documentation do I need to add the device certificate on the FTD 9300 first and re-add the device back to FMC or it can be done directly...

ASR-Group vs Traffic zones

Dear all, Can someone advise what is the difference between ASR-Group Vs Traffic Zones?We have 2 ASA in active/active state.We are using one Security-Context that has 2 outside sub-interfaces each with a transport VLAN.on each sub-interface we have o...

ASA and EIGRP / Null0 Routes

Hi Folks, I have seen some unexpected behavior on an ASA with EIGRP but not sure if this is the norm for the EIGRP process on the Firewall (or router in general). Under the EIGRP Process on a firewall there are no redistribute / route map commands an...

Can vFMC (or FMCv) licenses be "stacked" ?

I have a customer that needs to support 20 managed devices under vFMC (VMware)..Is it possible to use 2 x 10 device SKU(s) to accomplish this, and essentially "stack" these together ? Meaning 10 + 10 would yield me 20 vFMC managed devices.. Or is vFM...

Uni directional Ipsec Site to site Tunnel Breakage

Hi All, I have a site to site vpn established between ASA5525-X firewall & Meraki MX84 security Appliance Configuration:ASA endPhase 1:Encryption: AES 128, Authentication: pre-shared key, Hash: SHA1, Group:2, Life time:86400Phase 2:Encryption:esp-aes...

SNMP TRAPS configuration on FTD and FMC.

Hi, I am trying to configure the following SNMP traps on my FTD and FMC devices Traps;Environment traps; Power supply failure, Critical CPU temperature, Fan failureResource traps; Memory threshold reachedCpu Utilization traps; Cpu Rising threshold re...

ASA 5505 to 5506 replacement - using the 5506 with bridged (switched) ports and vpn 9.8.x

Hi guys, it has been a pain and a year long ongoing process to get Cisco to implement (sorta) switched ports into the ASA 5506. Most of us probably use the 5505 for small branches due to the fact it has a built-in switch. Now while we were all exited...

Threatgrid down again? 5/9 1800 GMT.

Can't lookup report from threatgrid after SFR malware hit, FMC 6.3.0.2. Anybody else seeing the same thing after clicking the score in file trajectory? This happened morning of 4/25 also. TAC mentioned an outage.

RV320 Port forwarding?

Hey everyone, I'm wondering if it's possible to do port forwarding for incoming traffic on a public IP address assigned to the WAN port on my RV320, but to have the traffic sent to a LAN IP, but on a DIFFERENT port. Fore example, the RV320 has WAN IP...

Resolved! Can you make 2 FTD 2130's in a HA pair without FMC

I am testing 2 FTD's in our lab and everything I read says to set them up in a HA pair they must first connect to the FMC? They are running FTD not ASA code.

Firepower 6.4 and ASA feature parity

Does anyone have a list of features still not supported on FTD 6.4? I looked in a lot of the documentation and can't find it. Thanks!

Resolved! Licenses to enable FirePower on ASA5515x

Hello, I need to enable the Firepower NGIPS in a ASA5515X together with the virtual Firepower Management Center. Can you confirm that the following part-numbers are the corrects considering that I want to activate the anti-malware protection? ASA55...

VPN Tunnel Traffic intermittently disconnecting

HI all, I have Site to site vpn established between meraki MX84 and ASA 5525.sometimes one of subnet in crypto ACL is getting disconnected from tunnel from meraki end as well as asa end. Thanks in advance.

Resolved! Moving from ASA to FTD/FMC

Hello Im in the progress of moving from ASA 5555 on out main FW to Threat Defense on 2130. I thought this would be a good moment to rewrite the hole config. We have several ASA's with FP already in a FMC console. My question is, when I have a lot of ...

Network Security

Forum Posts

FirePOWER User Agent and dual stack IPv4+IPv6

FTD Device certificate and FMC

ASR-Group vs Traffic zones

ASA and EIGRP / Null0 Routes

Can vFMC (or FMCv) licenses be "stacked" ?

Uni directional Ipsec Site to site Tunnel Breakage

SNMP TRAPS configuration on FTD and FMC.

ASA 5505 to 5506 replacement - using the 5506 with bridged (switched) ports and vpn 9.8.x

Threatgrid down again? 5/9 1800 GMT.

RV320 Port forwarding?

Resolved! Can you make 2 FTD 2130's in a HA pair without FMC

Firepower 6.4 and ASA feature parity

Resolved! Licenses to enable FirePower on ASA5515x

VPN Tunnel Traffic intermittently disconnecting

Resolved! Moving from ASA to FTD/FMC

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

FMC IP fragmentation to no fragmentation settings can couse outage?

Limit the number of concurrent logins to DNAC

Cisco FTD Migration from 4100 to 4245

My CSLU(Cisco Smart License Utility) can't login into Cisco.

same question, same issue, Intervlan routing not possible at FTD

Need expert help with Firepower intervlan routing

ASA 5506 SSP Version?

FMC 7.2.5.1: Smart Agent is not registered with Smart Licensing Cloud

FTD 3105 : the disk /dev/nvme1n1 is unable to be unlocked or reverted

Stateful Firewall on Cisco Catalyst 9300 Series SwitchesStateful Firew