hi, i got a pair of ASA 5520 that i want to enable HA-active/standby. since ASA 8.2 requires both units to have identical licenses, i'm unable to enable HA due to anyconnect essentials license not enabled on the primary/active unit. is there any way ...
I get a crictical error message on FMC saying the following: ASA5555: URLFilter used count will exceed total by 2 licenses.ASA5555: MALWARE used count will exceed total by 2 licenses However for My ASA though the SFR is fail-open and I am allowing a...
Hi Community! We're replacing a 5505 ASA with a 5506-X running ASA 9.8.2 with FirePOWER 6.2.2. We also have 2x new 4120's running FTD that we will be managing via a virtual Firepower Management Center (VMware). My question is, can we fully manage...
Hi all, sorry if this has been answered somewhere else, doing a quick search I didn't find anything. Does anyone know if EEM is supported on Active/Active HA pairs? We run version 9.8(2)17 and I don't see the commands available. I have tried runnin...
My firepower reports that there are indications of compromise on a few computers every day. when i drill into the analysis, the malware event was blocked (with reset) with my policy. So the devices have not really been compromised. is there some wa...
Since the documentation says this: The Firepower System does not support trusted AD domains. This means that the Firepower System does not track which configured domains trust each other, and does not know which domains are parent or child domains ...
Hey Fellow Cisco Professionals, I am working on enabling FIPS mode on my ASAs(5516x and 5512x) but my site to site and remote access VPNs break after enabling FIPS. I'm having trouble finding good documentation for any prerequisites or caveats for...
Hi All,I am new to working on Cisco Firepower and was looking for guidance on the following:I need to create an access rule to allow access to the Office 365 services.I have all of the domain names required to add to the rule e.g. *.office.com, *.sha...
Hi, I have two 5512 ASA's. I did configuration that FW-2 become Active and FW-1 become Standby. But when I power on the devices always FW-1 become Active. I checked the "show failover state" command I saw that "Ifc Failure" reason. But I check the mo...
Hi, Hi, I'm planning to upgrade my cluster of ASA from 9.7(1)24 to 9.10.1. I wanted to know if someone already has done this upgrade ? is there any point of vigilance? Also i have VPN and hostscan profiles on the ASA , can they be upgraded dire...
Hello,My remote IP is 200.20.x.x network each private IP is nat inside with a public IP address into my core router. From my core, I was able to ping all the remote sites 200.20.x.x but unable to ping the public IP's. From my remote, I was not able t...
Hi All, Anyone was successfull in installing IPS 7.0 on GNS3? I was able to get 6.0 working but 7.0 keeps producing errors like "Connection refused: Network error". I tried with different windows 7 and 8 machines but the same thing happens. If anyone...
Hi, I have two 3850 switch in stacking and uplink from each switch will be connected to Meraki MX65 for redunancy. As I know Meraki doesnt support port bundeling so can I give same IP Address to both ports of Meraki connected to 3850 switch, so if 1 ...
Hi friends, on a freshly installed FPR 4110 (2.4(1.222)), traceroute (as a command) doesn't work: PJFPR# connect local-mgmt PJFPR(local-mgmt)# traceroute 8.8.8.8Invalid parameter in , allowed characters are: a-zA-Z0-9. /:@_[]~-PJFPR(local-mgmt)# Any ...
Is 6.2.3.10 supported on a 5506 running 9.9(2)? From the documentation it seems to be, but I'm having a hard time upgrading from the base 6.2.3 to 6.2.3.10and I didn't notice any intermediate image being required. I've tried the upgrade twice and eac...
