Howdy y'all,We've recently installed FPR1140's, managed by CDO, and we make use of blocking certain Talos' Categories (Malware, Malicious, Phishing, etc).I understand that the Security Intelligence process is before the Access Rules, and that SI can ...
Forum Posts
Good day. We are looking at testing out deploying Cisco ASAv and/or FTD in Azure as part of new requirement. Question I have is it possible to set up high availability (Active/Standby) between two different regions (ie. Active is in one region and st...
Hi All, I m trying to set Destination NAT so that an outside source can send some logs to an inside log collector server via UDP . The translation device in this case is a FMC managed FTD . Please find below the expected flow of the traffic Source IP...
I have seen an issue with an ASA setting up a connection and keeping this connection through a wrong interface. Background: ASA is perimeter Firewall, has a default route towards outside and some routes pointing to inside (10.10.0.0) and some to a t...
I have a deploy failure on firepower and after that the device won't let me deploy config. It give error and say for partial deploy must first do full deployment force refresh but force refresh give error to me .Can anyone help? i think than must ...
Hi,I wrote the Python script shown below to backup multiple ASA firewalls in single or multiple context mode, with and without failover. If ASA is in failover mode, then also config from standby unit is backed up. Normally this should be identical, b...
I am trying to figure out how to add a static ARP entry to the ARP table on my Cisco Firepower 1120. I'll admit I'm very new to this product line. I have two sites and I'm trying to create a VPN between them. My ISP allocated two addresses in the ...
I found on "Firepower Management Center Device Configuration Guide", says for non-IPsec endpoints, you should disable the maximum TCP MSS on the Firepower Threat Defense device.If I am running IPsec tunnels on my FTD, How can we achieve disabling max...
Suddenly the FMC does not display connection events prior to September 8, 2023. While it correctly displays all "file events", "intrusion events" and "security intelligence events". Only the connection events have disappeared.FMC Version 7.2.4
HelloI have a deploy failure on firepower and after that the device won't let me deploy config. It give error and say for partial deploy must first do full deployment force refresh but force refresh give error to me .Can anyone help?
We are moving locally managed (FDM) FTDs to FMC. We are choosing to re-provision rather than run the migration tool. What is the best procedure to follow in terms of re-licensing the FTDs. Is it best the deactivate the license in FDM prior to switchi...
Hi all, We have LDAP and Radius as external authentication methods setup for user login in FMC as one of admin. We see user shows as just external in system > user list. No details on what auth method used. My question is how to determine in FMC if t...
Does Firepower 2130 support site to site vpn to Goggle cloud with bgp routing option?? if so, how to do it?? Thanks.
Resolved! ASA can't boot from system image
Hello Cisco experts, I bought a used ASA 5510 two months ago for my lab gear, it was working super fine, but two days ago i turned on my ASA to work with and i found my self on the ROMMON, i know that it's tooo weird but even me i can't understand h...
Hello,Regarding the ASA5525 with the FirePower module I am using, the following configuration exists in the service policy rules:-------------class-map Internal-classmatch anypolicy-map Internal-policyclass Internal-classsfr fail-openservice-policy I...
