Network Security

Firewall Migration Tool v7.0.0.1 now live!

Enabling our customers to leverage their install base and take them to the next level with Cisco Secure Firewall Threat Defense has always been a key priority. The migration tool is available for download to migrate the configuration on the on-premi...

Creating FMC portobjectgroups

Hi, Is it possible to create port object group and specify the value for the protocol port objects in the same request ? for example, below is the basic request data for creating port object group: Is there any way to create the group members in th...

How to upgrade ASA 5520 HA cluster from Software Version 8.2(5)59 to 8.4 or later version

Hi All, I would like to upgrade one ASA 5520 HA cluster from Software Version 8.2(5)59 to 8.4 or later version. I heard it is not easy to do. Anyone has done this before and any known issues.

Cisco ASA both NAT and PAT

Hi experts. I have a Cisco ASA 5515 where we have several static NAT's, some from the DMZ to outside, and some from inside to outside. I have a requirement to configure PAT for some inside to outside traffic, however I am nervous of affecting the exi...

Firepower Management Center (FMC) 6.3.0.2 : Schedule Backup Standby in HA

Dear Community, we have 2 FMCs in HA and I would like to know how to schedule a backup for the standby FMC.When I log in to the standby unit I cannot see the scheduler under the tools menu and from what I know a primary FMC backup cannot be restored ...

Firepower management module in ASDM

Hi, I have an ASA 5525-X running software version 9.3.4.5 (5) and ASDM 7.5. I have no whad to renew my URL filtering etc and found out I had to upgrade to firewpower, which I have now done. I have recieved a PAK key which I have been able to associat...

FMC 4100 HA Issues

We are looking at deploying a pair of HA FMC 4100's into our environment but I am finding HA rather unstable and looking for advice.My environment is a follows (development as I have never used FirePower before)2 x FMC 4100 running 6.2.3.101 x 7125 r...

Resolved! Cisco FMC Management - WEBGUI Alternative?

Hey guys, I suspect my question will result in a very quick answer... Is there an alternative to the WEB GUI for managing FTD firewalls through FMC? Coming from a background of utilising ASDM to manage FW infrastructure to using the FMC WEBGUI is be...

Firepower DNS policy

Hello. I want to create DNS policy on firepower. But some question need to be answered. Documentation said that DNS policy blocks all malicious domain (Attacker, Phishing, CnC, Botnet etc ). Then i read about dns sinkhole and it is used to forward m...

Multi domain network accessing internet via single FirePower

Hi, did anyone implemented FirePower on the network where users are from two different domains and they are accessing the internet via one single FirePower? It seems that Access Rules can be applied only to one FirePower appliance/module and linked ...

Is it possible to upgrade ADSM on an ASA5525 with a cisco Contract ?

Hi, I need to upgrade my the software on my ASA5525 to firepower - I have purchased this licence but I am not able to upgrade using my current version of ADSM as it does not have the firewpower module. Is there a way to do this withou having get a co...

Resolved! ASA access-list on egress interface

Hi,If I configure the ASA5506 with a bridge-group on the ingress interface, I need to apply an permit access-list on the egress interface to forward traffic.If I use the same configuration, but without a bridge-group on the ingress interface, the tra...

Resolved! Cisco ASA - Negate Firewall Objects/Groups/Rules

Hello, Are there any possibilites to negate objects or groups on the Cisco ASA firewall?E.g. I would like to make an object/group for all not private IP addresses (so a group for "Internet").With this I could say that host A should only be able to ac...

Resolved! How to config Max LSA for OSPF in Cisco ASA ?

Hi,I need to config max LSA for OSPF in Cisco ASA and I would like to know How to config Max LSA for OSPF in Cisco ASA5585-SSP-10 ?Cisco Adaptive Security Appliance Software Version 9.6(2)13Device Manager Version 7.6(2)150 The current config is "Max ...

Resolved! Remote access VPN of Firepower Device Management (FDM) Is local authentication possible?

I can not find it in the Configuration Guide.Help me, please.Thank you.

Editing access lists for mass editing...? Removing all and re-adding

Hello I have to edit every access list we have on our ASA to include the LOG statement at the end and then turn off some syslog messages so that our syslog server only shows Permits and Denies, not opens and closed messages. I have many contexts, and...

Network Security

Forum Posts

Firewall Migration Tool v7.0.0.1 now live!

Creating FMC portobjectgroups

How to upgrade ASA 5520 HA cluster from Software Version 8.2(5)59 to 8.4 or later version

Cisco ASA both NAT and PAT

Firepower Management Center (FMC) 6.3.0.2 : Schedule Backup Standby in HA

Firepower management module in ASDM

FMC 4100 HA Issues

Resolved! Cisco FMC Management - WEBGUI Alternative?

Firepower DNS policy

Multi domain network accessing internet via single FirePower

Is it possible to upgrade ADSM on an ASA5525 with a cisco Contract ?

Resolved! ASA access-list on egress interface

Resolved! Cisco ASA - Negate Firewall Objects/Groups/Rules

Resolved! How to config Max LSA for OSPF in Cisco ASA ?

Resolved! Remote access VPN of Firepower Device Management (FDM) Is local authentication possible?

Editing access lists for mass editing...? Removing all and re-adding

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Problem with ssl decrypt-resign on Cisco Sefure Firewall

FTD reboots and the active firewall losts all of the User ID entries

ASA AD LDAP Authorization belonging to multiple groups

Cisco FTD workaround for SSE connector failure stumbled on rights priv

Assigning an EtherChannel Subinterface to an Instance via FMC API

EU compliance certificate Firepower 1010 NGFW

Firepower 1010 readiness check stuck at "Please Wait"

OpenSSH regreSSHion vulnerability in FMC

Hyper-V VHD image for FMC virtual

Cisco Packet Tracer ASA 5506 Prevents Access to DMZ Servers