Forum Posts
We are planning to move the Cisco FMC server from the CentOS KVM server to the Ubuntu 22.04 KVM server. Does anyone have any document for same. Additionally what are the precaution need to take to address this
Dear all,how can I change the chassis name on FirePower-1120?firepower-1120 /system* # set name FirePower-1120Warning: System name modification changes FC zone name and redeploys them non-disruptivelyfirepower-1120 /system* # commit-bufferError: comm...
We are in the process of setting up a Hybrid Cloud/ On-prem Exchange environment. We can successfully connect over port 443, but when we try to send emails over port 25 we are getting a SSL Block. We are using the Decrypt - Known Key rule set up usin...
hello I am working on an ISE v2.7 to v3.2 upgrade /migration I have staged a VM with a v3.2 build I am trying to understand the timing of the handover for example if I restore the production configuration & install the certs from v2.7 to the v3...
I have traffic flow like shown below -A Microsoft public IP > a public IP on our DMZ firewall on prem > NAT > an private IP on prem.Is it possible to configure FW to forward traffic as shown below?A Microsoft public IP > a public IP on our DMZ firewa...
Resolved! FMC Policy Export
HiThe Cisco Doc for the Policy import/export says the below, Does this mean just the FMCs should be on the same version and the FTD can be on a different version ?? (The importing and exporting appliances must be running the same version of the Firep...
Hello, community!I'm using FTD1010 managed by FDM with latest FW 7.4.2-172. I'm getting unexpected behavior with the box, that passes traffic however it should not do so.I configured 2 rules with logging:I configured SSL Decryption to match this traf...
I recently upgraded to 7.4.2.1 and learned about CSDAC and am happy this is being addressed. Is it possible to apply these attributes to RAVPN split-tunneling? This would be very useful over the existing Custom Attributes.
I have a problem with a URL list in the FMC. I have created a URL list object there. I have saved the URLs in a text document and uploaded them to the FMC. So far, all URLs that I have stored there work. I can also see in the unified events that the ...
ASA 5580,系统版本是8.4(1),现在配置failover时,inside的接口无法启用lacp协议,两端都是active,对端交换机配置port-channel,debug发现有lacpdu报文发送,但是在ASA这边没有收到,同时asa也没有发送报文,导致port-channel一直是down。网络拓扑如附件。现在是9.1连接cisco 7010交换机的10/5口作为port-channel接口,不知为什么,port-channel接口始终无法协商lacp成功,两端均为active,但...
We have 2 FMCv to manage different firewalls and we initially cloned the first FMC VM to create the new one, but that is not acceptable by the CSSM as I read on other threads.We then created a new FMCv from a downloaded image with the same version of...
Resolved! FMCv Migration FMC2700
Is there a migration path from FMCv25 (VMware) 7.4.2.1 to FMC2700?The Cisco Secure Firewall Management Center Model Migration Guide (16 Sep 2024) appears to be the most recent and references version 7.4.2. https://www.cisco.com/c/en/us/td/docs/securi...
Im attempting to use /api/fmc_config/v1/domain/{domainUUID}/object/internalcertificates/{objectId} to replace/rotate the LetsEncrypt certificate on the FMC. I get a 200 response, but the certificate does not change.Has anyone successfully done this?...
Problem: "show conn flow-rule qos" [followed by any input] gives "Syntax Error: Illegal parameter" Fix: first enter "system support diagnostic-cli" and then "enable", THEN you can run e.g. "show conn flow-rule qos 268444269" I first found the qos r...
