Network Security

accessing switches via SSH

Hello, I have a couple Nexus 9k switches that have a good amount of interface IPs (SVIs) on them that are used part of the VPC process running between the 2 N9ks. If I take any of those SVIs IP addresses and put in the IP into putty, I can SSH in...

Resolved! ASDM 7.6 NAT configurations and Access Rules

Hello, I am practicing working on a 7.6 ASDM firewall and would like to understand how Access and NAT rules work and also how they are configured. Every where I search it shows for 8.x to higher.. Where can I get the user guide for 7.6? because ...

IOS-XE Version: 03.07.05E Model: WS-C3850-24S object-group no longer available?

Hello, I was wondering if anybody knows about this specific version no longer support object-group ? I upgraded it from 03.07.03 to 03.07.05E and now I don't have an option to configure it. xxxx(config)#ob? % Unrecognized command Device Informa...

Resolved! Upgrade of FMC to 6.1 breaks my FTP

Hi I made a transition of my virtual FMC from 5.4 to 6.1 but kept 5.4.x on my ASA Firepower for a while. Nothing has changed in the rule set while I upgraded from 5.4 to 6.1 but the day after I applied the 6.1 config to my Firepower modules I started...

Need some help figuring out what firewall to get

All, Preface: We currently have an all Cisco ASA infrastructure at our core locations with Firepower and any solution we chose needs to integrate into our existing FMC. In short we have 2-3 small offices with 6-12 workers at each. We want to conn...

how to configure quality of service tags through class map in an ASA firewall

Hello;I need to label traffic from one site to another through a vpn Ipsec with two asa's for aplicate qos, but, in the class map does not allow me to match with more than one element, according to the attached image. Thank you

Rule Updates Sourcefire Management Centres v5.3

Hi,I have noticed that after a rule update, rules in "Drop and Generate Events" mode are added to the Base Intrusion Policy. In the case of an inline deployment this is not desired, thus tuning is required every time. Why does this happen? Is there a...

FirePOWER Upgrade from 5.4.1 to 6.1 from FireSight management

We purchase newly a CISCO 5585-x firepower ssp 10 and firepower module is running 5.4.0.764 version and we need to upgrade it to 6.1 But when i try to upgrade through firesight management, It shows no appiance found I tried with all the upgrade from...

Resolved! FMC 6.2.2.1 / AdRealm Errors

We are recieving the following REALM errors - I cannot seem to find much details on the internet on the Firepower SF-IMS[4384] error codes. Our realm is configured in our identity policy and its configured in our access control policy. When downloa...

block Any download Facility

I tried to block Any download Facility of users using internet, BY Deny FTP and TFTP Through ASA ACL, But user still Can download, like video from YouTube and etch?

Stale "Current Sessions" displayed in UI

FMC 5.4.1.6. The "Current Sessions" widget on the summary dashboard shows user sessions that are months old. I have attempted a database repair and reboot, but they will not expire. Is there a way to expire these session or can I just delete the r...

Cisco ASA 5525

Hi i have cisco 5525 ASA which is connected to core switch and dmz switch and i want the core switch side network (i.e 172.20.x.x) to access the DMZ network (192.168.x.x) and i run the following command on the ASA 5525 access-list inside-to-DMZ exten...

Resolved! ASA NAT one to one

Hello group! It seems I have a puzzle for the cisco team :) Basically what I need to do is build a VPN - ASA to ASA. Thats not a problem. -The issue is that the private IP of the hosts we are using, are being used from the other side also and I a...

FIREPOWER not blocking hotspot shield

HELLO EVERYBODY, My FIREPOWER doesn't block the application hotspot shield. Can you help please?

CVE-2018-0101 vulnerability

I am basically coming here to see if anyone else, not a very big expert in Cisco, has found something about this CVE-2018-0101 vulnerability that actually helps them out, instead of ending up at a page like this: https://supportforums.cisco.com/t5/se...

Network Security

Forum Posts

accessing switches via SSH

Resolved! ASDM 7.6 NAT configurations and Access Rules

IOS-XE Version: 03.07.05E Model: WS-C3850-24S object-group no longer available?

Resolved! Upgrade of FMC to 6.1 breaks my FTP

Need some help figuring out what firewall to get

how to configure quality of service tags through class map in an ASA firewall

Rule Updates Sourcefire Management Centres v5.3

FirePOWER Upgrade from 5.4.1 to 6.1 from FireSight management

Resolved! FMC 6.2.2.1 / AdRealm Errors

block Any download Facility

Stale "Current Sessions" displayed in UI

Cisco ASA 5525

Resolved! ASA NAT one to one

FIREPOWER not blocking hotspot shield

CVE-2018-0101 vulnerability

Congratulations to the July 2023 Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Unable to SSH into virtual FMC

Application Filtering for Office365

"Failed" successful CSM policy deployments to single ASA context

Multiple Port Channels using same VLANS? FP1010

FMC: connection event disappeared.

FPR 1140 Upgrade Failed - No GUI

Firepower 31XX mult-instace deployment

ASA interface Subnet

Public IP address Natting

HA Pair FTD Ver.7.3.1 SNMPv3 problem