Hello community, I am trying to inspect some traffic and I am facing some troubles. 1.- Traffic is being sent using multicast. Does Firepower inspect that flow? It seems that it does but I can't show it as an event. UDP RED_TRANS_1 239.3.31.20:4021 ...
Is there any way, or has anyone had any luck coming up with a working solution with the current verison of FTD for dynamic access policies on VPN Anyconnect clients using FTD firewalls? Can you use a DACL with ISE or a Radius server? Can you use LDAP...
ello Everyone, We have a plain ASA (no ids/ips, firepower), we want to determine if the device is being port scanned. Did some quick scan (nmap) and all i see by filtering the device that im scanning it from is this %ASA-4-313009: Denied invalid ...
Hi all, We are planning to deploy Meraki SD-WAN solution and each branches will have two links, one is a MPLS link and one is a Internet link. The requirement is to have direct Internet access for Office365 traffic only at branches, and the rest ...
I have a pair of ASA 5510s configured in active/standby mode. I have already configured the failover settings on the firewalls. Both firewalls are connected to a 2960G. I made a change to the interfaces on the 2960 to allow 2 mac addresses on each po...
Hi I´m trying to allow direkt Internet Access for certain applications in our branch office. I´m using Zone BAsed Firewall on the router. Is there a way to use NBAR2 application detection inside the class map ? If i use a class-map type inspect i...
Hi Experts, We've multiple ASA's with the CSM (Cisco Security Manager) and not all firewalls are CSM managed. Is there any way to find from ASA CLI that device managed by CSM...
I am trying to figure out how to scan a FirePower 7020 with Nessus, more specifically with Tenable Security Center. I have the admin account info...but when logging in via SSH, you must first enter EXPERT command before NESSUS can run it's plugins. ...
This will hopefully be a very easy question for someone who normally works within the FirePower Management Center. We currently have a couple of servers opened up to the outside world for RDP connections by our employees; I know this isn't a good pr...
I have been trying to configure 2FA for the ASDM UI for our ASA 5512-X. There has been no success and it seems that there is no software solution. Yes, there is 2FA for Any Connect and for VPN, but not for an administrator using ASDM. This is somethi...
I'd like to purchase the botnet license feature for my 5508, however, I've been unable to find it. On CDW there are many licenses for every other model, but not the 5508. Is another model's license compatible with the 5508?
I recently upgraded firepower 2100 FTD to ASA. But in ASDM there is no any tab for firepower configuration. Does this option support for FP2100 ?
For reasons that dont have a happy explanation, I am running 8.2(5) on a 5505 along side ASDM 6.3.1. That works well enough for what is a home lab to study some abomination that exists elsewhere that runs the same code. Ask no more about the why, I b...
Folks, I have an ASA and would like to see why my ipsec tunnel is not coming up.I enable logging. and then type in "debug crypto isakmp", but see nothing, in old pix could, it was so easy to troubleshoot but with 7.x code is there a good command...
I'm trying to use the AD user integration to allow certain groups to access Facebook and deny others. I realize I need AD integration with the user agent for firepower but this is a standalone FTD with no FMC as the documentation for this setup shows...
