Hi. IPS portscan detection function blocks some packet on voice traffic and generate event (i created portscan detection to prevent nmap scannin). Could anyone tell me why voice traffic is blocked by ips?
Forum Posts
Resolved! Firepower IPS
Kindly ask you to help me.Well, we deployed IPS on firepower and created network analysis policy to block nmap scanner. When a computer begin scanning another computer firepower blocks it and generate event. It is ok. But yesterday i saw that TFTP tr...
Hi A client of mine has recently purchased two ASA 5516-X with Firepower devices and, not being very experienced with the product, I can't seem to get it to block simple threats. Details of one of the units is in the text below, but basically I do...
Hi, In an attempt to setup Anyconnect to authenticate users by certificates instead of the more common username/password basedauthentication, i have created my own CA and issued:The root certificateThe ASA identity certificateThe client(pc) device ce...
Dear all, First off all I ‘am not a Firewall specialist. I have a configuration that is not working and I am out of options hot to fix my following strange issue. In use: One Public Subnet2 Cisco ASA's with firmware 9.xMultiple private ranges on both...
hi all i have Cisco ASA5516-X and already configured site to site vpn ? once i deploy the connection working fine and i can reach the remote hosts but after sometimes it stop working by it self after checking same day at night .. my question is do i...
Resolved! ASA FTD 6.3 Management
When deploying ASAs FTD version 6.3 with Firepower Services it looks like we have three Management options FMC, FDM, and CDO, and I believe only one can be used. Previously we've used FMC however with the release of FTD 6.3 the FDM looks a better o...
![Image [2].jpg](/t5/image/serverpage/image-id/29122i25458F7A687D5AFF/image-size/medium?v=v2&px=400)
Is there a way how to configure route based vpn on ASA cluster when using context mode multiple? As per documentation, virtual tunnel interfaces are supported in single mode only. What's the reason for that? ASA-5555-x ver. 9.8(3)18 Thanks. Daniel
I am struggling to understand how to upgrade the FMC? Model Cisco Firepower Management Center for VMWareSerial Number NoneSoftware Version 6.2.1 (build 342)OS Cisco Fire Linux OS 6.2.1 (build6)Snort Version 2.9.11 GRE (Build 101)Rule Update Versio...
Hello, My current ASA VERSION is 9.8.2 and Firepower operating system version is2.2 (1.47) . I am downgrading ASA version to 9.4.2. Please let me know if firepower version 2.2(1.47) will be compatible with ASA version 9.4.2 It's urgent ...I am in mid...
Resolved! FW MGMT IP addressing
hi, refer to attached diagram and generic IP addressing (and VLANs). i'm trying to configure inter-VLAN routing and at the same time apply FW rules/policy to just allow SSH and SNMP traffic between the VM VLAN (x.y.z.0/24) and infra/LAN subnet (a.b.c...
Resolved! Site-To-Site VPN | ISAKMP
Hello, https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_site2site.html#28546 I am having a hard time understanding the difference between the "cypto ikeve2 policy xxxx" and "crypto ipsec ikev2 pro...
I have an old cisco pix 515 v8.0(4) that I want to swap out with an asa 5510 v9.1(5) device. But I think I'm having problems getting either the ACL and NAT to work. And I'm trying to understand this conversion better. Because I'm doing something wron...
trying to add a new 5525 for HA but when I issue the failover command in the secondary I get Mate detected then I get this error HA failure due to Mate not present card in slot 3 is different from mine sfr5525 i noticed I had firepower 5.4 on the ne...
