On the new FirePower version 6.2.2, there is a new feature call Threat Intelligence Director (TID). Has anyone start leveraging this new feature and what are some of the common open feeds that the TID can be imported to FMC automatically?
Forum Posts
Dear All,I would like to be able to have a better understanding about DDoS attacks and how to stop them, but first I would like to have a more solid known about networking. I know that the more dangerous DDoS attacks target common/known open ports li...
Hello Community!I'm noticing an interesting behaviour of Windows standard "tracert" command: when I simultaneously run several tracerts to the same host in the internet I get some random timeouts on different steps of trace. I run Cisco 4331 with IOS...
Hey all,I'm trying to simulate my lab environment in packet tracer but having trouble addressing my ASA interfaces, namely because I have to use VLANs. Here's my project so farMy addressing table:and my topology, On Corp asa I did the commands:Int vl...
What will be the source address when i ping from an context in ASA. Will it the management interface ip ?. Or will it be the interface IP ? from which the ping exits.
ASA 9.12(2) 5516-XDevice 7.12(2) I just want to be able to ping the IP addresses assigned to my external interfaces. Each outside interface is a /29 subnet with an IP and a gateway in that subnet. I can ping the gateway IPs from inside, but not the ...
Hello I have an event configured as: event manager applet Weekly_Backupdescription scheduled autoevent timer watchdog time 604800action 1 cli command "backup /noconfirm location ftp://cisco:cisco@IP.ADDR/Firewalls"output none This is working very fi...
Hi colleagues! I'm not a novice in ASA, but this problem got me baffled. I'll start without too much of a technical detail: I have two ASAs with an IPSEC L2L VPN between them, like this:LAN1 - inside - ASA1 - outside - (public internet) - outside - A...
Resolved! Global Vs Interface Policies
Hello Team, As now Cisco ASA supports Global ACL wouldn't be this advisable to use it rather than using Interface based ACL ? Can someone please advise me positive and negative parts of it? I think once we use global ACL this is more like a Checkpoi...
Can I ask about the command 'dns domain-lookup <interface name>'it looks like a global command...this won't affect our own DNS internal systems for anything else will it...it will only comeinto use if using the firewall for DNS lookup for the three F...
Hello everyone I have been working with Cisco ASA's for several years. Im very used to the <crypto maps> setup for IKE1 and IKE2 tunnels on the old ASA code. Now Im working with a 2130 with version 6.5 againt ASA's with 8.4 code. My problem now is th...
Hello everyone,i need some support to understand if there's a possibility of create a local user on an ASA Firewall and force the newly logged user to change his password. Thanks,Andrea specsASA5545Cisco Adaptive Security Appliance Software Version 9...
Hi, just two quick questions. We have a L2 ASA on our network and we want to exempt FTP inspection for one specific communication between two devices. I suppose we can just create a new CLASS that matches an ACL with the relevant IP Addresses, and t...
We have multiple ASA5506-X Firepower units in our FMC, each with different licensed dates for Firepower services - and it is telling me they are expiring. How can I determine which one? I don't see anywhere where it associates the license with a devi...
Hi Everyone,Currently, I am using the Rest API provided by FMC for the automatic deploy request, but I can't determine the exact timestamp. Please give me a sample code using the Python language to determine the timestamp. Thanks.
