These are the 2 documentations that we followed to ingest Cisco device syslog into our Sentinel instance: https://learn.microsoft.com/en-us/azure/sentinel/forward-syslog-monitor-agenteStreamer eNcore for Sentinel Operations Guide v4.0.9 - Cisco Issue...
Forum Posts
I am using 2 ASA 5512Xs with the same bin, version 9.12(4).67 , hardware (4GB ram and clarkdale 2.8Ghz cpu), and license (security plus) but when I do show failover state it says there is a communication failure between the two. I am connecting them ...
I'm new to using cdFMC and planning to add two FTDs configured for high availability. What are the recommended interfaces for management? Should I use a data interface for management purposes on both firewalls (two public IP addresses)? Additionally,...
Hi All, How can I solve this flexconfig error for "access-group". My FMC version is 7.7.10 & the FTD devices (in high availability) version is 7.6.1Thanks.Nakpane
I'm planning to update the ASA and ROMMON software on a ISA3000. I've tested it in our lab first and during the testing I've been connected through the console port. This is nice as I can see what is going on during the reload processes. However, whe...
Is there a way to exempt traffic from a packet capture on an FTD firewall running version 7.6? My situation is that I need to know what an ID sensor that sits inside the network (at 172.31.11.224) is sending traffic to. The problem is that the firewa...
Hello Community,I have Active Directory successfully integrated with FMC.My goal is to apply a Dynamic Access Policy (DAP) to my FTD, where the DAP should match a specific Active Directory group and apply a corresponding access policy (for example, A...
Hi All,I've asked a question a few days ago on this 4 year old post but unsurprisingly haven't had any response so starting a new post. We had a requirement to allow wildcard access to a remote SQL server over tcp/1433, as the host portion of the des...
Resolved! FPR 2130: Troubleshooting ASP Drops
Hello, We have an FPR-2130 pair (Active - Standby) and I recently see increased ASP Drops (see attached image). It is supposed to be "Flow Denied by access rule, Flow Denied by configured rule".We need to understand better what this is about.How can ...
Hello everyone,I need to send zeek logs to Cisco SNA (flow collector)According to the Cisco manual:“Format: The zeek log generator must add the zeek_filename="xxx.log" tag before the JSONL string for the Flow Collector.”I need help about, adding the...
Is there a way to recover the credentials for an FMCv300? The individual who managed the FTDs/FMC left the organization and the folks that are supposed to now manage the environment cannot find the FMC credentials.
I have FMC that is managing two FTDs. I am planning to start using cdFMC. What is the needed licenses for cdFMC. Also, do I need to have the FMC or I can just stop using it.
I am trying to limit internet access for a server that needs access to several wildcard based domains and I can't figure out if that is possible on a Firepower FTD managed by FMCAs an example, one of the requirements is*.compute-*.amazonaws.com - TCP...
In the installation of FTD 7.6.2 (recommended version) in a new Cisco Firepower 1120 loaded with ASA v9.20.3. We attempted to reimage the appliance using the console USB port. We downloaded the installation image from the Cisco Software portal (check...
Hi all. I'm trying to migrate an FMC-managed FTD 4125 HA pair to a pair of FTD 4215s. FMC and all of the FTDs are running 7.4.2.1. Is there any way to migrate the FTD interfaces, routing, etc over to the 4215s? I talked to the TAC and they told me ...
