Hello,We had a security report come back to us detailing that we have a test switch with a weak key exchange algorithm. After checking the switch I found that it is using hmac-sha1. I noticed that the firmware version is on 15.0 and I found that sha2...
By some reason, our company client FP 2110 is in Rommon mode . I have loaded the ASA in the USB stick and trying to boot, however, constantly getting the below error. Can someone guide me what needs to be done now ? %ERROR - Failed to get Act 2 cooki...
Hi, I am currently configuring SNMPv3 on FMC version 7.4.2. Server Team asked me for the EngineID which need to be matched in the SNMP Server. I did some search, there seems to be default EngineID generated when SNMP trap or SNMP server is configured...
Hello,there is a requirement to enable logs on TCP 6514 port with TLS. From some articles we found the command but those are not available in current version of IOS. Switch model is 2960-X and current IOS is 15.2, can any one confirm that the require...
I was unable to use the migration tool so had to configure manually. Now I am in a situation where I only have one tunnel group showing on the anyconnect drop down as seen below.I should have three other tunnel groups showing here. How do I configure...
We had all our 6454 fabric interconnects running firmware version 4.2(4a) flag this vulnerability during a Nessus scan; OpenSSH < 9.8 RCE. Does anyone know how to remediate this or if there is a workaround?The version of OpenSSH installed on the rem...
I am trying to create a Malware and File policy but then I attach that to the Access Control Policy I get this warning "File policy rule targeting application protocol 'Any' may never be triggered due to Application selection 'HTTP/2"If I remove the ...
Hi Everyone,I want to configure Syslog TLS for Cisco 2960X with OS version 15. X.X. Can anyone tell me the upload certificate in the Cisco switch generated by the syslog server?What will be the certificate extension format that Cisco will accept like...
Hi,is there any supported way to add more than 50 entries to the Control-Plane-ACL on a FP1140 Device? It's quite anoying to add every entry one by one in the FMC and it's limited to 50 entries.Thanks
What is the process for exporting the dap file from ASA, I believe I have missed this step when creating my RAVPN configuration
Hi, I have a new firewall which is showing "waiting" on two processes.. how do I resolve this?
I have a firepower 1140 and I wish to see debug messages in the CLI. I ssh in, enable system wide logging, then run debug tcp. after I go into the support console with support diagnostic-cli. Exactly one time I have seen debug messages but not sin...
We currently have two Cisco C9407R core switches, two Cisco FTD 2130 perimeter firewalls, and two Cisco routers. The DHCP services and routing tables are managed by the core switches. We plan to introduce an internal firewall between the perimeter fi...
can I copy paste objects directly into the diagnostic-cli (exec mode) and have fmc read them? I want to mass add about 100 "host" objects and 100 network ranges. It's a snap to do it in the ASA in the cli, and thankfully I need the same 200 in firep...
