Is it common to create a rule to deny outside traffic or is it ok to use the default action to block all if a match isn't made? Thoughts?
Forum Posts
Hi All,I have 2 ASA5525x in failover state both with Firepower SFR installed on it. I configured SSL policy a year ago and it was working well. Last month we have migrated Terminal Server of Users to new VM and I started to see a lot of logs on ASDM ...
What are the main differences between the 5515-X and the 5516-X? Odd that their model numbers are 1-digit apart. The form factor is different, the 5515-X being a longer, silver appliance. The 5516-X is a shorter appliance with the black and red st...
Hi Everyone, I've been involved in a project where a firepower 2110 series appliance was deployed(to replace an ASA) but none of the features purchased were put to good use(or at all really). Smart licensing is out of compliance now and quite frankly...
I have 2 locations with Juniper SRX 550 and needed to migrate these Juniper firewall to Cisco FTDs on HA managed by FMC. All the required configurations have been completed on the FMC. But I need to test the VPN connections between the newly configur...
Resolved! firepower 9300 Specification
Hi,As planning is to be done on the firepower 9300, I would like to check if the specification such as heat dissipation and typical power consumption may be available? Appreciate on the help for any suggestion on it :)
Hi All, I have recently started in a new comany as its senior network engineer and have inherited a mess of Access Lists on Cat 6513s / ASAs and PIXs. Some of the ACLs on the 6513 have over 1000+ lines plus each and there are loads of them, and I...
Hello <<<I have FP 2110 with ios 6.2.3 and FMC1000I do block Youtube ,on Firefox and anther browser block it But on Google Chrome block doesn't work . Is there solve for this problem?
Hi, I was contacted by a customer regarding where to find the list of all applications supported by FTD, the data sheet says around 4000 apps, I only could find the old listing for AVC on https://tools.cisco.com/security/center/avc.x , is this the ...
We had a recent event take place in which an IP address of a web site was being actively blocked by TALOS Security Intelligence as a Malware site. We created a URL Object, added to whitelist, and the site continued to be blocked by IP address. Our on...
Resolved! Firepower per VLAN DHCP Relay
As far as I know, currently it is not possible to configure per VLAN DHCP relay in Firepower, in other words, we cannot configure DHCP servers A and B for Vlan X and DHCP server C for VLAN Y.Is this feature in the product roadmap?
I have searched Cisco and online for docs showing the syntex for natting multiple hosts via command line. I can do it via ASDM, but want to know how to do it via CLI so the running-config does not show "DM_inline" making the configs look more complic...
Why this Firepower is occurring dce2_event__smb_max_reqs_exceeded? Thank You. vrian
Resolved! Segragation of User traffic via two ISP
Hi Team, I want to dedicate particular user traffic subnet (192.168.10.0/24) via 1st ISP and other User subnet (172.16.10.0/24)via 2nd ISP, load-balancing and failover is not an requirement.Currently I'm managing an FTD 2110 with FDM(On box) running ...
Hi,I would like to confirm the apt placement of IDS/IPS, whether it should be before or after firewall. I have Cisco IPS (two) which inspects packet till layer 7 which are in front of firewall and hence after inspection of traffic for malicious conte...
