Hello, To make real time detection more effective, how to find the Cisco device alert pattern for real time detection of attack? For example, SQL slammer worm, Cisco IDS will fire its related/specific signature. For any Trojan activity IDS will fir...
Forum Posts
Hi, I tried searching over the internet but I only saw FP2100 for password recovery. How I can do password recovery for ASA running in FTD? Thanks
I have users trying to access a host that is showing up in FMC events with "red" computer icon which means compromised. The action is allowed in the event log. I have also added this host to bypass the sfr and i still the client getting tcp resets to...
Hello, I want to create an active/standby failover set-up for an existing production multicontext FW. I do the usual failover configuration, replication ends, so far so good, but after 5 minutes the secondary/stanby unit gets stuck in the bulk sync...
Hi, hope I am posting in the right area... I have inherited the responsibility for this wiped CISCO 5515x after the company split up, etc ... I have managed to learn how to login, using Mac OSX, Terminal, etc and wipe and do a basic setup config.I h...
Does anybody know if its possible to use the public outside ip-address as translated nat address on an site 2 site tunnel? Translate all local ip-addresses to public ip, then tunnel the traffic via site2site tunnel to remote site. Or do one have ...
I've written a FMC REST API client module in Perl 5 which we use to cleanup access policies generated by the Cisco Firepower Migration Tool.It can be found at https://metacpan.org/pod/Net::Cisco::FMC::v1. It can be used from Perl 6 Raku as well using...
Hi,Internal users can access FTP server using it's public IP but external users can't access the same server using the same public IP. I have a nat statement as follow(LAN-Inside) to (AT&T) source static FTP-Server-Private A_12.218.61.83 dnswhere the...
Hi Team,I have a requirement from unboxing ASA to the configuration for 10 systems (LAN-connectivity behind the firewall).We have WAN connectivity from UK to IND (assuming) -Like P2P.UK users want to access the application from IND and IND users want...
Hi. I have a question about fmc create snort rule. alert tcp any any -> any any (msg:"F-SCN-WEB-181102-wpscan_attempt"; flow:established, to_server; content:"User-Agent|3a 20|WPScan"; nocase; http_header; fast_pattern:only; metadata:service http...
Resolved! Firepower ACP Oddness
Hi All, I have an issue with a small Firepower deployment. I have a single FTD 2210 appliance that has a simple ACP applied that permits outbound ICMP, DNS and HTTPs traffic using application rules. See attached screenshot. This works ok, however, if...
Hi, I had some trouble to let the ASA sub-interfaces to be able to reach each other. Here is the topology diagram description:one 9300 SW has port 47 and 48 link to ASA 5525 port 1 and 2 via port channel. I create two sub-interfaces on ASA under PO1 ...
Hello everybody we have 2 firewalls in our network 1 5550 and one 5585-x and the problem is we can not monitor the chassis and cpu temprature via snmp.after a lot of search i have found a cisco bug : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCu...
Hello, I am working with a customer that want to use the URL filtering function in his ASA 5545-X with firepower services. I have a similar setup in my LAB for testing purpose and I have create a SSL Policy that are using a Microsoft CA signed cert...
Resolved! ASA 5510 Routing
Hi Guys,I just got a ASA 5510 and have some problem during setup.Below is my sample diagram:PC(10.126.183.225) ----- ASA e0/0 (10.126.183.228/29) ---- ASA e0/1 (172.16.0.1/24) ---- PC(172.16.0.50)Both pc can ping to the gateway interface at ASA but t...
