Network Security

upgrading asa 5510 to 9.1(2)

Hi, Have 2, 5510 ASA firewalls i need to upgrade. one firewall is at 7.2(3), and the other is at 8.2(5). Was reading release notes, and the upgrade path says i have to first upgrade to 8.4(5), and do not see 8.4(5) available for download. How can i ...

Cisco ASA 5506-X Firepower Device Manager

How do you change the https port number in Firepower Device Manager This is a Standalone ASA 5506-xCisco Fire Linux OS v6.2.2 (build 11)Cisco ASA5506-X Threat Defense v6.2.2 (build 81)

Resolved! CISCO ASA migration from 5510 to 5525x

Hi, I would like to migrate ASA-5510 version 8.4 (7) to ASA 5525X- version 9.7.2. If someone could please help me with the steps to follow that would be a great help. Existing config has VPN, HA and NAT as well. ThanksJP

5505 as DHCP server for hosts connecting to a WiFi access point

From guidelines and limitations on configuring DHCP: DHCP clients must be directly connected to the ASA and cannot send requests through another relay agent or a router.If I want to connect a number of hosts through a WiFi access point, is this acces...

Resolved! Help Setting or Troubleshooting the Default Gateway on FTD

I've got 20+ Cisco 5506s deployed with the FirePower Threat Defense (FTD) 6.2.2.1 code. They are all managed by a single FMC server. When I go into Devices > Device Management, several show up as green/online, but I'm not able to ping them from my...

Cisco asa 5516 Firepower -unregistered

Hi We have a FW with FTD 6.2.3.6 that is not connected to internet on MGMT interface. Since we drop the 90 days evaluation period, no it says unregistered and all new deploy of objects and policies can't be done Could you help? IS it possible...

Advice on setting up an ASA5506-x

Hi, My current setup is that I have a 2960S switch which links to a 897VA on a trunk link, the 897VA is setup with 6 vlans for various networks. The 897VA is also setup with ADSL connection to Plusnet via the built in VDSL controller it is also setup...

Resolved! Remove FMC NTP 127.127.1.1

hi, i've added google NTP in FMCv but i can still see 127.127.1.1. see photo attached. is there any way to remove it or is this a system default?

Cisco ASA 9.10 and BGP over VPN L2L

Hi all. I'm trying to configure BGP over VPN L2L. The logs show that the source interface for BGP is the Outside interface and not the Inside. I was looking for a command like: neighbor NET update-source (inside). But as this command is only availabl...

Problems maintaining IKEv2 L2L SA (1 min) over NAT-T on ASAv10 in AWS

Hello Everyone,I have installed an ASAv instance in AWS and am trying to bring up an IKEv2 L2L using certificate authentication. Phase I and II pass and the SA gets built up. I get traffic to pass but only briefly, exactly 1 min... Then it dies. I...

Configuring main mode in VPN site to site

Hello guys, A client is asking me to implement a vpn site to site using main mode. But I have a Cisco ASA 5525 version 9.1(1) with its default value aggressive mode. I think that If I use the command "crypto ikev1 am-disable" in the global configur...

How to register smart license in SSM satellite for FDM

We are running Firepower 2110 with FDM (not FMC), but are unable to add smart license to our locally SSM satellite. I have found this which only explain how to add the license with Smart Software Manager: https://www.cisco.com/c/en/us/td/docs/secur...

ASA IKEv2 L2L VPN Cert Auth failing

does anyone know if there is s a link to configuring l2l vpn with certification authorization?Im currently using PSK and moving to IKEv2 with cert auth. IKEv2 is working with PSK but i want to use certs

FTD: Block with reset vs Block

Hello all. I have made a few tests with content block and got stuck with an unexpected behavior - or a bad understanding from my part. 3D sensor runs v6.2.2.2-1, if that adds to the question. According to the documentation [1]: "The Block and Block...

Resolved! Configuring ASA 5520 to work with SSM-20 IPS module

Using this equipment in my home lab for study purposes.I attempted to follow instructions I have found to send the asa traffic to the ips module for inspection. I command is missing for me.Commands I input on the asa: access-list IPS extended permit...

Network Security

Forum Posts

upgrading asa 5510 to 9.1(2)

Cisco ASA 5506-X Firepower Device Manager

Resolved! CISCO ASA migration from 5510 to 5525x

5505 as DHCP server for hosts connecting to a WiFi access point

Resolved! Help Setting or Troubleshooting the Default Gateway on FTD

Cisco asa 5516 Firepower -unregistered

Advice on setting up an ASA5506-x

Resolved! Remove FMC NTP 127.127.1.1

Cisco ASA 9.10 and BGP over VPN L2L

Problems maintaining IKEv2 L2L SA (1 min) over NAT-T on ASAv10 in AWS

Configuring main mode in VPN site to site

How to register smart license in SSM satellite for FDM

ASA IKEv2 L2L VPN Cert Auth failing

FTD: Block with reset vs Block

Resolved! Configuring ASA 5520 to work with SSM-20 IPS module

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Anti-Malware Application condition CS

Disable IPS on Firepower 4120 for PSN/PCI Scans

What is taking place behind the installation process of Firepower 2120

Configuring OKTA SAML on FTD 7.2.5

Palo Alto to Cisco Migration Tool count_summary error

Cisco ASA5555-X PSU Hot Swap

Does Cisco stopped the VM version of Cisco Secure workload

Which Model of Cisco Firepower that included UTM?

Convert single Firepower 1120 into an HA pair

Firepower 1000 setup