Network Security

Dicard Traffic invalid or untracked (ACK,FIN ) in Cisco ASA 5500-x Series syslog

Hello, I have one Cisco ASA-5500-X Series with a different ACLs , Actually I configurated this Cisco for Logging in External Syslog, The problem is that I receibed a lot events with a invalidad o untracked events. Similar to this ( This event is chan...

Question about debugging Access Control Policy deployment errors

Hello, We have a number of version 6.1.0.5 IPS devices and a virtual FMC at same. The devices are various types, but the one having the issue is a FirePower model 7030 device. Just recently, access control policy pushes to this device from the FMC h...

Updating FTD Device Interface Configuration using FMC API

I'm doing a PUT request using FMC REST API to change the physicalinterface configuration of a FP2000 series firewall, however I get the return message below. {"error": {"category": "FRAMEWORK","messages": [{ "description": "Post not allowed for Phy...

copy configuration snippet to the running-config fail

Hello community, i want to copy some commands from a textfile that was uploaded to an ASA to the running-config. But the commandline tells me that there is a "dot" at the first line at the textfile. If i create a empty first row, the error appears, i...

Syslog Alert for IOC, Malware / Intrusion events etc

Hello I would like to basically set Syslog alerting for the all the Malware / Intrusion events seen in Firepower. Please check attached for events that I am after. I have configured the following Enabled logging for Global Access Policy, Global IPS P...

ASA 5506-x inside has no access to dmz

I have ASA 5506-x.dmz already has an access for the inside interface but i can not pin ASA inside interface nside has no access to dmz.Here are my configurationsdmz network 172.16.0.0/24inside net 10.0.0.0/16inside interface address: 10.0.19.50web : ...

Resolved! Allowing non contiguous ports on ASA 5520

Good day I have a ASA 5520 and currently I have the following set up access-list OUTSIDE-INBOUND line 15 extended permit tcp any host 10.0.0.22 eq www access-list OUTSIDE-INBOUND line 16 extended permit tcp any host 10.0.0.22 eq https access-list OU...

FTD File Policy

Hi Guys,I believed AMP Cloud and ThreatGrid are 2 different solutions but I would like to know if FTD can submit a file for dynamic analysis for both solution?Thanks

Firepower 6.3.x Passive Identity policy load on nodes and best practice

Hi Everyone, I tested successfully in a Lab to have Passive Identity information shared via PxGrid between ISE 2.6 and FMC 6.3. What I would like to know is the following 1) load that Identity policy can have on a Firepower node (for both ASA+FirePOW...

Java SE subscription require for ASDM?

Hi All, According to the customer provided URL, it seems Oracle now requires a subscription to use Java SE, I would like to know any impact for the ASDM as we must use ASDM in Java environment. For details, please kindly refer to following email co...

Remote backup of Cisco switch configs

Hello people,Trust you are all doing well. Grateful if anyone can help or share any tips to achieve the below: - Perform backup configuration of switches and upload same to a remote server securely. We are currently performing automatic backup via tf...

Resolved! Cisco ASA FirePower WAN to DMZ IP Passthrough (No NAT)

Good Afternoon All, I've got an ASA 5516 FirePower here on site running 9.10(1).The outside interface is allocated a /29 from the ISP, let's call it 1.2.3.112/29. The ASA outside (Gi1/1) address is 1.2.3.114/29 and the ISP router is 1.2.3.113/29.We'v...

Power Consumption of Cisco ASA 5525-X

Dear, We had Cisco ASA 5525-X with Spec Input (per Power Supply) as below AC range line voltage : 100 to 240 VAC AC current : 4.85A We put this device in our data center (DC), the DC caculates the Power Consumption is 220 VAC* 4.85A = 1.067VA So t...

Resolved! firepower IPS rules

Dears, Please find the attached screenshot for an example, there are many rules disabled bydefault how I will know which I have to enable to avoid any attack on the network. Thanks

ASA 5525-X time in cluster 0d 0h 0m 0s.

Hello! I have two ASA 5525-X with Firepower services. They work in cluster mode. When I launched ASDM in Device Dashboard -> ASA Cluster I saw the field "Time in Cluster" have 0d 0h 0m 0s. But in the console after I typed "show cluster info" I see"Cl...

Network Security

Forum Posts

Dicard Traffic invalid or untracked (ACK,FIN ) in Cisco ASA 5500-x Series syslog

Question about debugging Access Control Policy deployment errors

Updating FTD Device Interface Configuration using FMC API

copy configuration snippet to the running-config fail

Syslog Alert for IOC, Malware / Intrusion events etc

ASA 5506-x inside has no access to dmz

Resolved! Allowing non contiguous ports on ASA 5520

FTD File Policy

Firepower 6.3.x Passive Identity policy load on nodes and best practice

Java SE subscription require for ASDM?

Remote backup of Cisco switch configs

Resolved! Cisco ASA FirePower WAN to DMZ IP Passthrough (No NAT)

Power Consumption of Cisco ASA 5525-X

Resolved! firepower IPS rules

ASA 5525-X time in cluster 0d 0h 0m 0s.

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

FMC and multiple AD domains

Dynamic Split Tunnelling - Android Devices

compartilhar internet com VLANS firepower asa

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

How to Specify a PAC File on FMC Policy for Secure Client

IPS traffic report

Accessing remote ASA over site-to-site VPN

SLA failure because certain IP addresses cannot be reached by ping

Firepower Congestion

It is posible to stop Brute Force attacks in Firepower Theat Defense?