Hello everybody,I performed a FMCv upgrade from rel. 6.6.5.2 ---> 7.2.8 (Suggested Rel.).The upgrade was performed without problems.1.) The deployment thereafter failed with 'Validation Errors': Policy Name: Zone Manroland This rule requires a Threat...
Forum Posts
Can we configure the same FMC at two hypervisor We have a FTD 305 manage by FMC-V... The FMC-V is configured on Nutanix hypervisor and also we have a VMware setup... Problem statement:When the Nutanix server goes offline or rebooted during that time...
We have an FTD managed by FMC on data interfaces. The FTD device is not able to reach the internet via the management interface and I am assuming it has to do with the following:FTD:~$ route | grep 169.254.default 169.254.1.1 0.0.0.0 UG 0 0 0 tun1 ...
Resolved! FTD Packet matching criteria? L7 vs L3/4
Bit of a long one. Hopefully someone can provide some clarification, I am trying to get my head around how rules are matched in ACP. (I want to understand it for this scenario) We have 2 FTD rules in our ACP. Rule 1 : Allow source 10.0.0.1 towards...
Seeking Advice on FMC and ASA/FTD migration:Current Infrastructure:FMC-1000 (Version 7.0.4): Managing FTD 4110 (HA) with Version 7.0.4.FMCv (Version 7.0.4): Managing FTD 2130 with Version 7.0.4 and FTD 2110 with Version 7.0.4.FMC 1600 (Version 7.2.4)...
I have:FMC 1000 currently managing FTD 4110. (7.0.4 on both currently)FMC 1600 currently managing FTD 4112. (7.2.4 on both currently)I need to move FTD 4110 from FMC 1000 to FMC 1600, so after the migration, FMC 1600 will manage both 4110 and 4112.Wh...
Hello guys,I'm having problems when trying to ping via my asa 5510.This is the important bit of the configuraion:interface Ethernet0/0 nameif inside security-level 100 ip address X.X.X.X/30!interface Ethernet0/1 speed 100 duplex full nameif outside s...
I have an issue, I am assuming with Java, where the asdm is taking forever to load. Then when it does load I can't do anything because it takes so long to load. The issue only occurs if I am connecting to the ASDM over any port other than 443. I know...
I keep getting a 'Blocked 'count_summary'' error when I click on the proceed button after selecting the FTD device. Anyone know why this is happening?
There might an obvious answer to this My understanding is that, when you create an l7 ACP entry on Firepower, Few packets are sent through the DAQ engine to identify the app so it can evaluate the l7 ACL. Then based on l7 Evaulation its allowed or b...
Hi, everyone I don't know which firepower to buy.If switching fabric bandwidth 50G, which firepower should i buy?I mean a firepower will substitutes a switch. thank you best regards
Resolved! FTD 2130 NAT-T Disable problem
Hi all, Have a problem with NAT-T. I have FTD 2130 device managed by FMC which is terminating all my VPN connections. FTD does not have PUBLIC IP attached to internet, instead I have internet router that is doing 1-to-1 static NAT without any port fo...
Hi Guys,We have a FTD terminating a few IPSec tunnels. One of them are having connectivity issues with larger packets so we suspect that there is a smaller MTU set somewhere towards the destination. As far as I know the FTD can overwrite the endpoint...
I have several l2l tunnels we are moving and decommissioning. I see a few tunnels with very little traffic, but traffic nonetheless based on RX and TX counts, and I need to see who exactly and what servers are still using the tunnel, and which ports....
We have successfully tested SSO with MFA logon to the FMC. However, when we attempt to logout, we receive the following message You are logged in using SSO provided by Azure. To protect your Firewall Management Center account from unauthorized access...
