Cisco Firepower 2130 Threat Defense

juanchicaiza
Level 1

I have the new-generation Cisco firewall, but I have two questions:


a) Is it normal that the deploy is too slow?

b) How to monitor VPNs?

 

The IOS version is 6.5.0.

 

Thanks for your help!


Muhammad Awais Khan
Cisco Employee

Hi,

 

Are you using Firepower Management Center (FMC) to manage your Firepower 2130? If yes, then you will feel a small delay, which can be around 30-60 sec, when you deploy. In the back end, FMC is communicating with the Firepower 2130 to deploy the configuration which you have just made.

 

To monitor the active VPN connections, you can go to Analysis, Users,->Active sessions, active sessions. You will see that the ones with VPN have the authentication method specified as VPN Authentication. You can also filter your search from the same page. Also, for past connections, you can go to Analysis, Users,->Active sessions, users, and you can further filter your search there.

 

I am attaching a snapshot from 6.4 FMC, which might look similar.

In advance I appreciate your response.

First answer: yes, I use FMC to administer the Firepower, but in my case it takes about 4 to 6 minutes to deploy.
Second answer: I was referring to site-to-site VPN. I do not have a summary of VPNs, for example a VPN-only dashboard.

 

thanks

Marvin Rhoads
Hall of Fame

A typical policy deployment takes 2-5 minutes. The latter time (or more) especially if you have an HA pair.

Site-site VPN monitoring is difficult with FMC as of the current 6.5. You do have the ability to use the show vpn-sessiondb command from the FTD device CLI.

This will all change for the better going forward.


First response: that is my scenario; that is the time the deploy takes me.

Second answer: correct, to see the status I use the CLI. There should be a summary dashboard of the status of the VPNs; hopefully it improves soon.
Thanks!