Network Security

Cisco FTD failover - Interface Virtual MAC Queries

Hello, I am working on setting up HA for FTD appliances for a customer. I have been using the syntax aaaa.bbbb.xxx1 and aaaa.bbbb.xxx2 usually for assigning interface virtual MACs on the primary and secondary respectively. I have the below queries re...

Resolved! FTD 2100 NTP timezone issue

Hello, We have HA pair of 2100 FTD appliances managed by VFMC running version 6.2.2.109. The issue is related to NTP. The FMC is pointed to our internal NTP server and is showing correct time and timezone. The issue is with FTD appliances which a...

Cisco Cloud Configuration - Unable to reach Cisco Cloud

Hey Folks, Recently I updated FTDs and FMC to 7.2.8. After the upgrade, I noticed unusual behavior on "Cisco Cloud Configuration". On all FTDs, I got the below error after upgrading, even though it was not raised before the upgrade: Threat Data Upda...

Resolved! Cisco Packet Tracer ASA 5506 Prevents Access to DMZ Servers

Hello everyone, I have a problem with my project, which is that the firewall in HQ prevents GRID network computers from accessing servers located in the DMZ, I tried writing many access lists but to no avail. Knowing that there is an IPsec connection...

SNMP V2C OIDs

Hi guys, is there a document that contains CISCO OIDs for SNMP Usage? I am trying to manipulate a router/switch's arp cache and ip routing through SNMP via their OIDs, but to no avail.Thank you

Cisco ASA 5520 Config help.

ciscoasa# show int Interface GigabitEthernet0/0 "outside", is up, line protocol is up Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps) MAC address 001b.2ac2.5068, MTU 1500 IP address ...

FTD HA BREAK FROM FMC - deployment failed on standby

Hi support team,We have 2 FTD named EXT1 and EXT2. Before HA BREAKEXT1 - PRIMARY STANDBY READY EXT2- SECONDARY ACTIVE Now I did BREAK HA from FMC for the high availability. I'm able to see no connection on EXT1 but the previous active is now handlin...

Resolved! FirePower onboarding to FMC first policy deployment failure

I am trying to lab FMC deployment with the 90 evaluation. I added two virtual Firepower's to FMC but the starter policy that you must create when adding them, fails to deploy with the message "The deployment failed because the deployment packages did...

Replacing - Cisco 5525-x to FPR 1120 - NGFW

what is the recommended migration process from ASA 5525-X to FPR 1120?

Flex Config help

While trying to insert WCCP into the FTD, the configuration was wrong, TAC gave me the wrong type of ACL which broke the configuration of our running FTD. I have very limited knowledge of what or how flex config is. I need to remove the wccp part of ...

Resolved! How to install a naked Firepower 1010?

Hello everyone, a customer has a Firepower 1010 without image that is bootingin the rommon mode.There is a FAT32-formated USB stick with the current Firepower releasecisco-ftd-fp1k.7.6.0-113.SPA How can I transfer the OS file from the USB stick to th...

FTD with dual routers

I have two locations connected by dark fiber. At each site is a router with BGP to an ISP, the routers use iBGP between them, one is the default GW with HSRP. At each site is a 3120 with an FTD instance. Today I connected one between the inside inte...

FTD reboots and the active firewall losts all of the User ID entries

Hello! We are experiencing an issue where, if one of the members of our firewall cluster, for example, the passive member, reboots, after the HA is restored, the active member loses the user identity information collected from the passive identity. I...

ASA AD LDAP Authorization belonging to multiple groups

Running on a FP2130 with 9.18(4)34 but the same problem seems to occur on 9.18(4)40.I am trying to have a user belonging to multiple groups map to a single ldap attribute-map mapping the memberOf a group to IETF-Radius-Class for the group policy.The ...

FIPs mode FMC/FTD

Trying to follow DISA SRGs, and one of the requirements is to enable FIPS mode on our 2140 FTDs, managed by FMC. I am new to these so was doing some searching online and it sounds like CC compliance is what needs to be enabled.Am I correct in saying ...

Network Security

Forum Posts

Cisco FTD failover - Interface Virtual MAC Queries

Resolved! FTD 2100 NTP timezone issue

Cisco Cloud Configuration - Unable to reach Cisco Cloud

Resolved! Cisco Packet Tracer ASA 5506 Prevents Access to DMZ Servers

SNMP V2C OIDs

Cisco ASA 5520 Config help.

FTD HA BREAK FROM FMC - deployment failed on standby

Resolved! FirePower onboarding to FMC first policy deployment failure

Replacing - Cisco 5525-x to FPR 1120 - NGFW

Flex Config help

Resolved! How to install a naked Firepower 1010?

FTD with dual routers

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

FIPs mode FMC/FTD

Modifiying FTD instance on FTD3130

Upgrade 7.6 -> 7.7 stopped media and ftp, is inspection the culprit ??

Model Migration - 4110 Native to 4225 Instance S2S VPN Configs

ASA upgrade procedure on Hyper-V

Announcing the release of Firewall Migration Tool Version 7.7.10

Cisco FMC Access control policy under default

AnyConnect MAC OSX exclude/include DNS not working

FTD Migration Question

License Help For ASA5510

Firepower EOS 1120