It seems that ASA failover works fine without the standby address. What is the advantage of wasting an IP address?Regards,AM
Forum Posts
I am running a couple of Cisco FTD 2110 managed with FMC and am looking for the best way to block access to our remote access VPN by IP. From doing some reading it looks like the best (and only?) way to do this is via a control plane ACL deployed via...
I have 2 instances of firepower threat defense running on 4100 hardware device and managed by FMC. I have been trying to recover password of one instance of the ftd using this guide https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/...
Hello, In ASA failover all interfaces whether they are monitored or not (using no monitor-interface) will switch their ip addresses when failover occurs or via 'failover active "command. my question is : Is there any possible way by which we can f...
I have extended support for below EOS devices. I have a power activity in some time, so need to make sure that all PSUs are working fine for me. Like :- "FXOS prompt – 4110 & 4120 – FPR/chassis # show environment expand detail" what are the equiva...
Resolved! Diffie-Hellman groups for FTD 7.6.X
Hi, What are the DH Groups supported for FTD 7.6.X?
A scan has suggested that an SG350 ver 2.5.9.16 switch is running SSH 1.3 or 1.5 and that it should be disabled. However, it doesn't appear to be running this version. If I enter show ip ssh then I get this output:SSH Server enabled. Port: 22RSA key ...
Can you upload/restore a backup config of an old FTD that was saved via FMC to a new FTD via FDM/locally? Not sure if they are unique device specific? Basically want to restore configs of an old/bad FTD (to configure exactly the same) locally and/or ...
I know a couple years back, and couple OS revisions back, there was a significant change to how one could access via SNMP the ASA's inside interface through a L2L tunnel. I have encountered now 2x FPR1010 (ASAs) with v9.18(2) that through the VPN I c...
I am using session sfr command to open the firepower CLI, but don't see an option for restarting the CLI wizard. I have an ASA 5506-X with firepower and want to get into initial configuration wizard within Firepower module's command line. I already ...
Working on a ASA to FTD migration and trying to find more information on how and what to do for this?The ASA trustpoints must be manually migrated to the management center as PKI objectsDoes it mean all the below certs need to be migrated as PKI obje...
I want to create admin parallel userin CISCO FPR 1120
After I upgrade to ASA 9.18, the command app-agent heartbeat interval 1000 retry-count 3I am using Cisco CSM (4.22 SP1) to deploy policies and it is stuck getting an error:app-agent heartbeat interval 1000 retry-count 3^ERROR: % Invalid input detecte...
Resolved! Cisco ASA Default route preference
Hi Community.I need some help on the Cisco ASA please, On Cisco ASA firewall having default route pointing to internet ( ISP1)on outside interface S* 0.0.0.0 0.0.0.0 [1/0] via 10.209.66.71, outsideAll working as expected Next, Scenerio1: I have anoth...
I have a weird requirement. ATT Fiber gateway blocks NTP port 123 (source only ---> Internet). I want to map the source port to 1024 for the NTP service on inside interface going to Internet (inbound on inside interface), and re-map reply destination...
| User | Count |
|---|---|
| 10 | |
| 7 | |
| 5 | |
| 2 | |
| 1 |
