Network Security

Resolved! FTD Remote Access VPN allow only AD group?

Is it possible to just allow specific users or group to connect via remote access VPN? After configuring the identity realm and testing any AD user can connect. Do I need to scope the Base DN to a specific group or OU or is there something else I'm m...

Unable to access Firepower Services via ASDM

I am unable to access Firepower Services via ASDM. My SFR module is currently running on 6.1.0.5-45. ciscoasa# sh module sfrMod Card Type Model Serial No.---- ---------------------------------------...

"Decryption error"

Running FP 8130 appliances, within FP Management we are seeing "Decryption Error" for port 443 traffic. We have a valid root cert for the MtM decryption process. Where can we find more information about WHY this has a "Decryption Error"?

Unknown Error (9999) in Sourcefire IPS

Hello, I have Sourcefire Defense Center 750 (5.2.0.2), however facing the following error: Unknown Error (9999): Unable to execute INSERT INTO 'xxxx' SELECT * FROM 'firewall_policy_ip_rep'. Attached the screenshot. It is triggered when I go to Polici...

Resolved! Cisco ASA LDAP Authentification

Hello!I'd like to configure access for Cisco ASA administration for a specific domain group. To this end, I indicated that only members of the "Cisco ASA Admins" group can log in through the SSH or ASDM to the firewall.But during testing I found out ...

MultiDimensional Scale Data Sheet for ASA 5515x

I am trying to find a multidimensional scale data sheet, which can show me the Firewall Throughput and performance details while testing with multiple services enabled at the same time. For instance the firewall throughput when VPN and threat detecti...

How to delete the lines of access list

Hi I tried to delete the red line as below using CLI command.. But I put a "no" in front as follows:- It said Error: %invalid Hostname. Anyone please enlighten me? Thanks ASA(config)# no access-list internal.in line 4 extended permit tcp 172.30.4...

Resolved! Transferring ASA License - 5505 - 5506 X - Possible?

Hey all, I think I already know the answer to my question but I thought I would ask. In our environment, we have an older 5505 ASA that we are planning on decommissioning and replacing with a 5506 X. We are looking to implement subinterfaces on...

Firepower 2130 CLI accees for firewall configuration.

Dear All, I am thinking to go with FirePOWER 2130 with 10g interfaces. It will have FXOS and ftd image I suppose. I want to know if I can manage ACL and NAT using CLI as use to do earlier or it is all through GUI. Thanks Deepak Khemani

Resolved! UPGRADE Firesight 6.0.1.3 to 6.2.3 based on vmware upgrade from 5.1 to 6.5

Dear Support. I have firesight management server version 6.0.1.3 installed on ESXi 5.1. we want to upgrade our ESXi to version 6.5. As you know (as per the following link : https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/fi...

What is the TCP IDLE Socket Timeout Value for Cisco ASA

Resolved! Not quite grasping "Extended PAT"

Could anyone explain or point me to a document available somewhere that explains Flat and Extended PAT in a little more detail?Thanks in advance

I did not find snmp mib and oid on Firepower 4120 ASA appliance with 9.7.1.4 version.

Hello, I could not find mib&oid information of the ASA below. - Device : FP4120 ASA Appliance - Version : 9.7.1.4 Please share the information with me if someone have it. Thanks.

Resolved! Reimage the Firepower 2100 Series to an ASA Image

Hi All; There is Cisco Firewpower 2110 however is not going into dpeloyment due to the fact that it does not support multicontext at this stage. We are thinking in going to use the 2110 with an ASA image and run it like that for a while till the mult...

some questions about Cisco ASA 5505 throughput and limitations

hello all, I have inherited a handful of Cisco ASA 5505s, I'm not sure what exact model they are but they are all 8 port models. I tried inputting serial numbers into the cisco coverage checker to see if it would give me model numbers and none of the...

Network Security

Forum Posts

Resolved! FTD Remote Access VPN allow only AD group?

Unable to access Firepower Services via ASDM

"Decryption error"

Unknown Error (9999) in Sourcefire IPS

Resolved! Cisco ASA LDAP Authentification

MultiDimensional Scale Data Sheet for ASA 5515x

How to delete the lines of access list

Resolved! Transferring ASA License - 5505 - 5506 X - Possible?

Firepower 2130 CLI accees for firewall configuration.

Resolved! UPGRADE Firesight 6.0.1.3 to 6.2.3 based on vmware upgrade from 5.1 to 6.5

What is the TCP IDLE Socket Timeout Value for Cisco ASA

Resolved! Not quite grasping "Extended PAT"

I did not find snmp mib and oid on Firepower 4120 ASA appliance with 9.7.1.4 version.

Resolved! Reimage the Firepower 2100 Series to an ASA Image

some questions about Cisco ASA 5505 throughput and limitations

A new chapter of the Spotlight Award begins!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

How can FTD block file with Cloud lookup disposition: Unavailable?

FTD firewall in OT/ICS environments

FTD Decryption Policy - documentation confusion

FMC correctly seeing some ISE PassiveID users, other show Not Found

Adding an FTD to cdFMC (CDO) and prefilter policy questions

Cisco ASA 1010 - Next-Gen VS. "Non Next-Gen" Management

Move a FTD H/A pair to a separate FMC

FTD-Can not Configure Management Interface

Cisco ASA OSPF ECMP

Cisco ASA Static NAT Issue with Server not connected directly to ASA