Network Security

ASA FailOver Interface check

Ciao, In a couple of ASA configured in Active/Passive failover, someone can explain me what's the failover timeout that can be set when a ASA interface link goes down: Message #466 : fover_health_monitoring_thread: vPifNum = 0x8, No Link Message #467...

Firepower 8350 ntp time

Hi. We use the fmc 2500, firepower 8350. And we use local NTP server. I setting fmc 2500 is local NTP server, and firepower 8350 setting via NTP Time from management center. But fmc 2500 is right setting NTP server time, but firepower 8350 is n...

Revert ASA back to Local Authentication/Authorization

aaa-server TACACS protocol tacacs+ reactivation-mode depletion deadtime 2aaa-server TACACS (management) host 10.20.0.60 key *****aaa-server TACACS (management) host 10.21.0.60 key *****user-identity default-domain LOCALaaa authentication ssh console ...

pfsense deployment on UCS-E

Dear CommunityA client has an existing WAN solution based on FlexVPN with DIA secured by ZBFW. We wish to migrate this to the Enterprise standard IWAN which follows latest CVD.ZBFW to secure tunnel transports (global) is not described in IWAN prescri...

Resolved! ASA NAT between two public IPs

Hi, I have one (probably for you guys/girls) very basic question to ask. I have never tried it myself as I don't currently posses ASA, but in my company we have really weird network configuration which is super difficult to fix at this point as I hav...

Some observations and Suggestions on Firepower URL filtering

Environment background: - Firepower Management Center 4000 - 6.2.3.4 - Clustered ASA5585-SSP-40 with sensors - 6.2.3.4 I've been monitoring externally provided data about traffic from my inside networks to known malicious URL sites to measure th...

ASA 5505: Adding rules to permit WiFi/VoIP Calling?

Greetings,I have several cell phones with T-Mobile, all of which support routing voice calls via WiFi instead of through cellular. The feature seems to work just fine on the Android phone implementation without modification to firewall rules, but on ...

Log all ACL on ASA

Hi, is there a way to globally log all ACL to syslog instead of having the word "log" at the end of each rule? On the ASA platform. It's for testing purpose. thanks

I am getting this mentioned error in Cisco Firepower Active member.

Dear Team , I am getting Below Error INBOUND Mac Mismatch Generated da bd 1f 0c 8d 1d 37 c2 fd 60 cd 5f Expected 8f d2 ee 01 69 9a ed 1d 27 72 7e 67 This warning i am getting this is ok , But when i am deploy policy in firepower in FMC below ...

ASA5506-X cant access wlc-2504

Hi guys I have just installed a asa5506-x firewall and have the lasted software version on it and FirePower is operational etc. I have the following devices ASA5506 10.10.100.1 FirePOWER 10.10.100.2 WLC2504 10.10.100.3 Switch 10.10.100.4 UPS managm...

Resolved! FirePower on Multicontext ASA

I'm looking to activate the FirePower services on a 5555X ASA which run in HA and multi-context mode (3 contexts). I'm used to manage FirePower devices and multi-context ASAs but never tried both together up to this point. Is there any license requir...

Cisco Firepower Management IP

I have a firepower 2120 device and I'm trying to find the serial number so that I can add a smartnet contract to it.Show server inventory doesn't present any output. If I go into the web GUI, I see there's another IP address listed as the management...

Azure pricing calculator with ASAv from marketplace.

Does anyone know if you need to add a virtual machine for the ASAv to the Azure pricing calculator when creating and estimate for a client ? We know it's a Bring your own license, but not sure if we need to add the required virtual machine instance u...

Cisco Firepower hardening template

Hi, My side is getting cisco firepower soon.Can anyone provide the hardening template for cisco firepower?Are the commands for cisco firepower very similar to cisco ASA? TIA!

Resolved! what is the difference between dmvpn and flexvpn

Hi,Full mesh in the network using ISR and DMVPN. Security needs to improve - no firewall between the connections - therefore I feel they needto move to flexvpn on CE ISR to central ASA from the -X series.I know migrating from DMVPN to flexvpn should ...

Network Security

Forum Posts

ASA FailOver Interface check

Firepower 8350 ntp time

Revert ASA back to Local Authentication/Authorization

pfsense deployment on UCS-E

Resolved! ASA NAT between two public IPs

Some observations and Suggestions on Firepower URL filtering

ASA 5505: Adding rules to permit WiFi/VoIP Calling?

Log all ACL on ASA

I am getting this mentioned error in Cisco Firepower Active member.

ASA5506-X cant access wlc-2504

Resolved! FirePower on Multicontext ASA

Cisco Firepower Management IP

Azure pricing calculator with ASAv from marketplace.

Cisco Firepower hardening template

Resolved! what is the difference between dmvpn and flexvpn

ACME on ASA

Reuse Object Group in a single ACL line

CSCwm49782 - enhance sma 2nd cruz heartbeat logging

Security Intelligence feed/list change alerts

FMC 7.4 and multi-instance FPR3130 chassis upgrades

Snort3 rate filter

PBR with AnyConnect

FMC: Automatic renew certificates?

Finding the forgotten IP address of a Cisco PIX 506E

Nexus using sha256 authentication for NTP