I attended a webinar a couple of weeks ago surrounding FTD migration. How do I migrate my Anyconnect SSL licenses over to FTD? I'm unable to find out any information about it. I have an ASA 5515-X with 50 SSL licenses which give clientless web VPN as...
Forum Posts
All, I have taken over supervising a network ( I am not a dedicated IT person or cisco trained) Once of the things I was told was the firewall base license was making all interface connections 100m instead of 1000m. I have also read that the se...
I have several remote sites using ASA5505 terminating on a FPR2140 ASA. All worked fine until i moved the VPN's to a new internet feed. Now all traffic, SNMP etc work ok but pings dont work so monitoring system cant show them as up. one site is still...
Description: We are using multi-context ASA and physical subinterfaces. I am able to get interfaces' statistics from different contexts via SNMP. But the statistics from physical interfaces and subinterfaces would be very helpful for having the overa...
Resolved! ZBF zone based firewall on ASR 1000
Hi Group any idea how this could happen in zone based firewall: sh policy-map type inspect zone-pair sessions Zone-pair: Guest->Internet Service-policy inspect : Guest_to_Internet Class-map: Guest_Protocols (match-any) Match: protocol http Match: pr...
Resolved! Firepower Remote Access VPN Filter List
Hi, I have a working AnyConnect 4.6 remote access VPN solution in place on a Cisco FTD 2110 and FMC on software code 6.2.3.5. All user traffic comes via the VPN, no split-tunneling. Now I want to apply a VPN Filter ACL to the group policy to rest...
Hi, I want to restart my SNORT process, will it drop traffic? Is there any way to restart SNORT without any dropping of traffic? Thanks
Hi all, i have just deployed a firepower in a vm environment, i have also just activated the smart license evaluation mode. i'm task to add a sensor on the firepower management center, where do i download the sensor for fmc in cisco support. my cu...
Unencrypted malware blocking is working fine. If you implement a SSL decryption policy for HTTPS web traffic and configure an ACP rule to inspect the HTTPS traffic for malware, one of two things will happen: 1. Either the Firepower module will de...
Hi guys, Does anyone know if it's possible to block using Firepower all browsers but one (let's say Chrome). So in terms of old firewall rules way: Rule no1 - allow browser Chrome Rule no2 - deny any other browser I found a hint (tracking User-...
Hi, Can someone tell me how to check or view temporary self signed certificate generated by ASA using CLI? Also, is temporary self signed certificate generated once command "http server enable" is entered? And, what happens if disable http server a...
Dears, Please find the attached Please suggest when 6509 are in VSS mode how the connection should be. The access switch is connected to both core with Multi chassis Ether channel, ,,, the user traffic is hash in default algorithm of the port cha...
Resolved! Compatibility ASA 5540 and ASA 5545
Hi guys, i have two ASA 5540 firewalls working in stack, unfortunately one of them was broke up. some power issue or something like that... my question is, i have one ASA 5545X in spare. Can i substitute the 5540 for the 5545 with no problem? tha...
Resolved! Multicast through firewall
I am getting the log below: Deny udp src outside:192.168.20.11/21002 dst identity:239.224.20.7/1007 by access-group "outside_access_in" The systems (192.168.20.11) sits on the outside port of the firewall and does the streaming to 239.224.20.7/100...
Resolved! FTD with two outside interfaces
Hi, I need to configure an Firepower 2110 so that it has two Ouside interfaces. Offcourse, I will put an Default Gateway route on interface Outside_1 and I wil have all my traffic go this direction. But I need e.g. that my second, Outside_2, interf...
