Hi There, We have FPR2140-FTD box in HA and have separate zones in Firewall for LAN and Server Zone. In Server Zone WSA is connected, we have requirement to implement WCCP. Please suggest wccp implementation on FTD.
Forum Posts
Cisco 3825 routing two vlans. ZBF setup between the two vlans to only allow ssh/http/https. Connections are working but when ssh'd into server the session "locks up" for a short period. I can most easily see this when in a session I have the serve...
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/interface_start.html#34996 The ASA does not support connecting an EtherChannel to a switch stack. If the ASA EtherChannel is connected cross stack, and i...
Resolved! Remove Actviation Key for ASA 5520
hi, i got a pair of ASA 5520 that i want to enable HA-active/standby. since ASA 8.2 requires both units to have identical licenses, i'm unable to enable HA due to anyconnect essentials license not enabled on the primary/active unit. is there any way ...
I get a crictical error message on FMC saying the following: ASA5555: URLFilter used count will exceed total by 2 licenses.ASA5555: MALWARE used count will exceed total by 2 licenses However for My ASA though the SFR is fail-open and I am allowing a...
Hi Community! We're replacing a 5505 ASA with a 5506-X running ASA 9.8.2 with FirePOWER 6.2.2. We also have 2x new 4120's running FTD that we will be managing via a virtual Firepower Management Center (VMware). My question is, can we fully manage...
Hi all, sorry if this has been answered somewhere else, doing a quick search I didn't find anything. Does anyone know if EEM is supported on Active/Active HA pairs? We run version 9.8(2)17 and I don't see the commands available. I have tried runnin...
My firepower reports that there are indications of compromise on a few computers every day. when i drill into the analysis, the malware event was blocked (with reset) with my policy. So the devices have not really been compromised. is there some wa...
Since the documentation says this: The Firepower System does not support trusted AD domains. This means that the Firepower System does not track which configured domains trust each other, and does not know which domains are parent or child domains ...
Hey Fellow Cisco Professionals, I am working on enabling FIPS mode on my ASAs(5516x and 5512x) but my site to site and remote access VPNs break after enabling FIPS. I'm having trouble finding good documentation for any prerequisites or caveats for...
Hi All,I am new to working on Cisco Firepower and was looking for guidance on the following:I need to create an access rule to allow access to the Office 365 services.I have all of the domain names required to add to the rule e.g. *.office.com, *.sha...
Hi, I have two 5512 ASA's. I did configuration that FW-2 become Active and FW-1 become Standby. But when I power on the devices always FW-1 become Active. I checked the "show failover state" command I saw that "Ifc Failure" reason. But I check the mo...
Hi, Hi, I'm planning to upgrade my cluster of ASA from 9.7(1)24 to 9.10.1. I wanted to know if someone already has done this upgrade ? is there any point of vigilance? Also i have VPN and hostscan profiles on the ASA , can they be upgraded dire...
Hello,My remote IP is 200.20.x.x network each private IP is nat inside with a public IP address into my core router. From my core, I was able to ping all the remote sites 200.20.x.x but unable to ping the public IP's. From my remote, I was not able t...
Hi All, Anyone was successfull in installing IPS 7.0 on GNS3? I was able to get 6.0 working but 7.0 keeps producing errors like "Connection refused: Network error". I tried with different windows 7 and 8 machines but the same thing happens. If anyone...
