Network Security

FTD 6.3

Hi Experts, any update on the release date of FTD 6.3? last time I checked it was supposed to be released Q2 CY17, and what features should we expect to be there? Context support, FDM on 4100 & 9300, PBR, clustering for 15 nodes ...etc Thanks Wise

Smart Licensing Firepower Threat Defense

Dear All, I have configured my FTD 6.2.3 through FDM with base, threat and malware license and all the policies are working fine. But today when i open the FDM it says license are out of compliance what causing the issue.??? please help.....

Resolved! ACP Rules for IPS and File

Hi All, What is the general recommendation for which rules are inspected with IPS/File and which are not? I'm currently working on a deployment which has a large number of inside to outside zone rules that permit traffic such as dns, http, https, ftp...

ASA IPSec finding hosts that are using the tunnel

Hello need advice on how to identify who is using an IPSec tunnelcan not capture packets using because of encryption, correct ? if I do a show vpn-seas l2l I see the tunnel peer and the destination which is the Asa outside interface I need to identif...

Resolved! firewall failover

Dears Please find the attached topology. I have some problem in understanding the fail over, whenever the port channel interface of DC-1 fails it shifts over to DC-2 FW but the perimeter firewalls doesn't shift and the traffic gets drops, hence if I ...

EtherChanel not coming up on FTD 2110 appliance

Dear Expert, I may Etherchannel on FTD 2110 appliance is staying in down state. When configuring on FMC I used active has state. PLease Help me with your Expertise to solve this. regards, Zanga

How do I clear a stuck route from an ASA 5515-x?

I have a very unusual situation. I have an ASA 5515-x running Cisco Adaptive Security Appliance Software Version 9.1(4) I have a stuck static route that I cannot remove from the device. I have tried clear configure route BGPDMZ:cerberus-01(config)# c...

Resolved! Configuring SSH allowed addresses on ASA 5506-X:

I'm using ASA 5506-X. I have an external network, whose computers need to SSH into the ASA. To do this I configured:ssh x.x.x.x x.x.x.x outsideWhere x.x.x.x x.x.x.x is the external address range of the outside network somewhere else in the world.Wi...

FMC user limit reached at 17-18k when there is a 50k license limit, ‘User Identity Dropped: User Limit Reached’

Firepower Management Centre stops recording the user to IP mapping info and creates the ‘User Identity Dropped: User Limit Reached’ messages at between 17,000 and 18,000 users, this is nowhere near the 50k license limit for users.

Resolved! Configuring multiple site-to-site VPNs on a single ASA

I'm using an ASA 5506X and I wish to configure two site-to-site vpn tunnels, which go to two other sites with their own ASA's But the second VPN is not accepting the final configuration step of applying the crypto map to the outside interface. Why no...

Resolved! Cisco ASA 5505 TFTP (Access Violation)

I am trying to send a new asdm image to my cisco asa 5505 firewall. I have tftpd64 installed on Server 2008 R2 and the file I'm trying to send is in the same directory as the tftpd64; so it is accessible. The tftpd64 shows the IP of the server, secur...

Firepower FMCv Support

Hi Community, I have a pair of ASA5516-X both with support contracts, and both are being managed by a virtual FMC running on VMWare.Now I have an issue with FMCv I need TAC support on, and I'm wondering does anyone know if FMCv is covered under the...

We need to limit User based Bandwidth Limitation

Hi Guys, We need to do Used based bandwidth limitation from CISCO ASA Firewall. CISCO ASA has the functionality to authenticate users and Bandwidth limitation quote (example 1 GB/Day). After that user got a message on the screen that user exceeds his...

FMC virtual machine blank login page

Hello, I am deploying a new vFMC 6.2.3 (latest) on ESXI 6.5.0 and upon deployment of the OVA file, i get a blank login page ( with the URL /login.cgi) . Tried different browsers as well. I have looked at this post , redeployed the VM multiple times ...

ASA failover/state link down and no standby IP addresses

Assume you have a FTD/ASA HA with combined failover/state link and no IP addresses configured on any interface. What happens when Failover link turns down? I think the active/standby roles remain on each device. But what happens when active device ge...

Network Security

Forum Posts

FTD 6.3

Smart Licensing Firepower Threat Defense

Resolved! ACP Rules for IPS and File

ASA IPSec finding hosts that are using the tunnel

Resolved! firewall failover

EtherChanel not coming up on FTD 2110 appliance

How do I clear a stuck route from an ASA 5515-x?

Resolved! Configuring SSH allowed addresses on ASA 5506-X:

FMC user limit reached at 17-18k when there is a 50k license limit, ‘User Identity Dropped: User Limit Reached’

Resolved! Configuring multiple site-to-site VPNs on a single ASA

Resolved! Cisco ASA 5505 TFTP (Access Violation)

Firepower FMCv Support

We need to limit User based Bandwidth Limitation

FMC virtual machine blank login page

ASA failover/state link down and no standby IP addresses

A new chapter of the Spotlight Award begins!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Rollback FTD from cdFMC to on-prem FMC

FTP Connexion issue

How can FTD block file with Cloud lookup disposition: Unavailable?

FTD firewall in OT/ICS environments

FTD Decryption Policy - documentation confusion

ASA OS Upgrade planned: Problems with 2S2-tunnels expected

ASA: Tool that checks the configuration if compatible with new OS

Cisco FTD License

Ports on FMC 4700

ACL auto shifting