05-21-2021 12:37 PM
I am running a couple of Cisco FTD 2110s managed with FMC and am looking for the best way to block access to our remote access VPN by IP. From doing some reading, it looks like the best (and only?) way to do this is via a control plane ACL deployed via FlexConfig. I saw another post that showed how this could be accomplished via geo, but I am unsure of that syntax. I'm hoping someone could provide the syntax that is used or point me towards some documentation for this?
Thank you!
03-23-2024 12:46 PM
So here's what I have done to mitigate the whack-a-mole issue.
I installed 2 OPNsense firewalls as my edge routers to the internet. They have next-gen ability to use GeoIP and IP lists like ET and FireHOL. Then I set up rules to block traffic based on those lists. I've also created a report in Firepower to give me AAA authentication errors so I can tell how many hits I'm taking, and if those IP addresses aren't on a list, then I can add them manually at the edge.
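As an added example (not code from either poster, from Cisco, or from OPNsense), the Python below ties the two posts together: it counts AAA-rejected VPN authentications per source IP from FTD syslog lines, applies a threshold and an allowlist, and renders the control-plane ACL that the original question asks about in the form you would paste into a FlexConfig object. The log lines are constructed for this example and follow the layout of ASA/FTD message 113005 as I understand it (the exact field layout can differ between versions, so check a real line from your own syslog first); the ACL name, interface name, threshold and allowlist are assumptions, and the `access-list` / `access-group ... control-plane` syntax should be verified against the FlexConfig documentation for your FTD version before deploying.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Constructed sample syslog lines (not real captures). The 113005 lines follow the
# "AAA user authentication Rejected" layout as assumed here; the 722051 line is a
# successful RA-VPN login and must NOT be counted as a failure.
SAMPLE_LOG = """\
%ASA-6-113005: AAA user authentication Rejected : reason = Unspecified : server = 10.0.0.5 : user = *** : user IP = 203.0.113.10
%FTD-6-113005: AAA user authentication Rejected : reason = Unspecified : server = 10.0.0.5 : user = *** : user IP = 203.0.113.10
%ASA-6-113005: AAA user authentication Rejected : reason = Unspecified : server = 10.0.0.5 : user = *** : user IP = 203.0.113.10
%ASA-6-113005: AAA user authentication Rejected : reason = Unspecified : server = 10.0.0.5 : user = *** : user IP = 198.51.100.7
%ASA-6-722051: Group <RA-VPN> User <alice> IP <192.0.2.44> IPv4 Address <10.10.10.5> IPv6 address <::> assigned to session
%ASA-6-113005: AAA user authentication Rejected : reason = Unspecified : server = 10.0.0.5 : user = *** : user IP = 192.0.2.44
"""

# Match only message 113005 (ASA or FTD prefix) and pull the client address from
# the trailing "user IP = ..." field. Assumed layout; adjust if your logs differ.
REJECT_RE = re.compile(r"%(?:ASA|FTD)-\d-113005:.*?user IP = (?P<ip>[0-9A-Fa-f:.]+)")


def count_rejects(log_text):
    """Return a Counter of AAA-rejected authentications keyed by source IP."""
    counts = Counter()
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if not m:
            continue
        try:
            ip = ip_address(m.group("ip"))  # normalises and rejects garbage
        except ValueError:
            continue
        counts[str(ip)] += 1
    return counts


def offenders(counts, threshold, allowlist=()):
    """IPs with at least `threshold` rejects, minus the allowlist, busiest first.

    The allowlist is where you put addresses that must never be blocked
    (monitoring probes, a partner's NAT address) so a bad password from a
    legitimate user does not lock out their whole site.
    """
    allowed = {str(ip_address(a)) for a in allowlist}
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [ip for ip, n in ordered if n >= threshold and ip not in allowed]


def control_plane_acl(ips, acl_name="VPN_CP_BLOCK", interface="outside"):
    """Render control-plane ACL lines for a FlexConfig object (syntax assumed).

    A control-plane ACL filters traffic destined to the firewall itself, which
    is where the RA-VPN listener lives. Like any ACL it ends with an implicit
    deny, so the explicit `permit ip any any` is mandatory: without it every
    other to-the-box flow (legitimate VPN users, management) would be dropped.
    """
    lines = [f"access-list {acl_name} extended deny ip host {ip} any" for ip in ips]
    lines.append(f"access-list {acl_name} extended permit ip any any")
    lines.append(f"access-group {acl_name} in interface {interface} control-plane")
    return "\n".join(lines)


if __name__ == "__main__":
    hits = count_rejects(SAMPLE_LOG)
    bad = offenders(hits, threshold=2, allowlist=["192.0.2.44"])  # assumed values
    print(control_plane_acl(bad))
```

Run against your own exported syslog instead of the constructed sample, review the list before pushing it, and remember that the ACL only stops the addresses you have already seen; the second poster's GeoIP and reputation-list blocking at the edge is what reduces the manual part of the loop.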
06-19-2024 06:02 PM
Can you deploy an OPNsense firewall in front of the FTD in transparent/non-routed mode?