Network Security

Firepower 2110 Dual-ISP failover with web FDM GUI

I'm looking to set up a Firepower 2110 Threat Defense using the Firepower Device Manager GUI. I have a single outside interface set to the main ISP that all traffic is currently routing through, but also have a secondary outside interface for a seco...

Firepower upgrade 6.2.0 to 6.2.3 using ASDM

I am trying to update Firepower FTD and I have downloaded the following: Cisco_FTD_Upgrade-6.2.2-81.sh and Cisco_FTD_Upgrade-6.2.3-83.sh but when I click to install, I get an error message stating "The requested update is not valid for this model."...

Resolved! Update 5506-X with FirePOWER failover

Hello, I need to update an ASAs failover 5506-X with FirePOWER to overcome vulnerability CVE-2018-0296. I would like to know how I can transfer the .bin that is on disk0: from the first ASA to the second. Regards,

ASA5506-X/ ASDM/ Firepower: How to match traffic to send it to Firepower?

Hello folks, I have a hard time getting my head around Firepower deployment on ASA5506-X, managed with ASDM. I'm trying to follow the manuals but just don't get it. Could anybody tell me the configuration needed (CLI) to match traffic that should...

Cannot download updates: peer certificate cannot be authenticated

I have a FMC 1500 that I am trying to update to 6.2.3.7 The automatic updates seemed to have stopped, and when I try to manually download in system-->updates I get the error: "download updates failed: Peer certificate cannot be authenticated with...

ACL Log is not sending to syslog server

Hi I have enabled a log on ACL as below ip access-list extend CAPTURE_BATCH_1_VLAN_103 permit tcp host 172.16.101.108 any gt 0 log permit tcp host 172.16.101.109 any gt 0 log permit ip any any when i do "show log" in the switch, I can see the ACL ...

FirePOWER Module Power Outage = Death

Hi Folks, I've got a customer who has had some issues with FirePOWER modules after power outages in that the module corrupts. We've raised this with their support partner and we've been told that it's pretty much expected behaviour. In that if a...

Can not use firepower interface

Originally follow manual can see firepower user interface in ASDM in ASA5506X but after watch youtube tutorial to set configure manager 192.168.1.1 keyisnotPAKbutmyimaginedtext then ASDM firepower user interface disappear how to make it appear aga...

ASA OS Upgrade

Good day all, I am trying to update our ASA 5525-X Firewall firmware from version 8.6 to the latest, I would like to know what to prepare for and what my current licenses allow me to do. This is the result of my show inventory below Licensed feat...

Resolved! ASA 5516-X With FirePower Services - App rate Limiting

Hi All I have what seems as a basic question but I have been going round the houses on it? We have some new ASA5516-x firewalls with fire power services running the latest 6.1 images. Note these are running the independent asa and firepower images a...

CSM causer issues

Hi,Firewalls I have upgraded our version of CSM to 4.17. We have always had issues with the built in backup, every Sunday it would the services and take the backup, however the services would never restart. We would have to go on the CSM server its...

Resolved! FTD CSCvk33923 High disk usage after deleting managed FTD device from FMC

Hi all, The workaround from Cisco is below: Workaround:> remove or move /ngfw/var/cisco/deploy/current-policy-bundle.tgz > No new deployment packages files will be created under tmp folder after that> Remove files created before by running:rm -r /n...

Firepower Dynamic Analysis

Hi guys, I successfully deployed firepower IPS. I'm just wondering what is the use of the button "Associate" in the Dynamic Analysis section? Thanks

Resolved! Traffic flow Through Site to Site VPN

Hi team, I've an Cisco ASA 5520, here is the show version summary: Cisco Adaptive Security Appliance Software Version 9.1(1)Device Manager Version 7.3(1)101 Compiled on Wed 28-Nov-12 10:38 by buildersSystem image file is "disk0:/asa911-k8.bin" All ...

Allow ICMP through Cisco ASA

I know this seems trivial, but I can't seem to figure it out. I have a solarwinds server internal of my network and I need to be able to let IPAM scan public IP addresses that are beyond the ASA firewall. How can I accomplish this?

Network Security

Forum Posts

Firepower 2110 Dual-ISP failover with web FDM GUI

Firepower upgrade 6.2.0 to 6.2.3 using ASDM

Resolved! Update 5506-X with FirePOWER failover

ASA5506-X/ ASDM/ Firepower: How to match traffic to send it to Firepower?

Cannot download updates: peer certificate cannot be authenticated

ACL Log is not sending to syslog server

FirePOWER Module Power Outage = Death

Can not use firepower interface

ASA OS Upgrade

Resolved! ASA 5516-X With FirePower Services - App rate Limiting

CSM causer issues

Resolved! FTD CSCvk33923 High disk usage after deleting managed FTD device from FMC

Firepower Dynamic Analysis

Resolved! Traffic flow Through Site to Site VPN

Allow ICMP through Cisco ASA

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Question on S2S Tunnel to Azure using FTD or Azure Native S2S

Setting out TCP MSS on FTD only for non-ipsec endpoints

Cisco Stealthwatch ipfix exporter

FMC - Error mesasge: Unable to reach Cisco Cloud from the device

CISCO FXOS Upgrade - API

FTD 2130 HA Pair - FMC - sftunnel CA expired - Fix options

How often does IPS update on Firepower devices

ASA Nat re-order, renumber, existing nats, add new ones

HA pair in Active/Active. Cannot deploy policy

FMC Management Center is out of compliance.