We have a Cisco ASA 5585-x in multi-context mode in our environment. I did a packet capture in one of the contexts and analysed the same on CLI. However, I would like to export it and view the same on Wireshark but my attempts were not successful. I ...
Forum Posts
In the installation of FTD 7.6.2 (recommended version) in a new Cisco Firepower 1120 loaded with ASA v9.20.3. We attempted to reimage the appliance using the console USB port. We downloaded the installation image from the Cisco Software portal (check...
These are the 2 documentations that we followed to ingest Cisco device syslog into our Sentinel instance: https://learn.microsoft.com/en-us/azure/sentinel/forward-syslog-monitor-agenteStreamer eNcore for Sentinel Operations Guide v4.0.9 - Cisco Issue...
For ASA webvpn we request a certificate from the client which is checked against an internal CA.We have configured revocation-check with protocol ldap and it is working.Certificate has CRL URI:ldap:///CN=xyz.-abc-CA2(4),CN=ABC-CA,CN=CDP,CN=Public%20K...
Is there a way to exempt traffic from a packet capture on an FTD firewall running version 7.6? My situation is that I need to know what an ID sensor that sits inside the network (at 172.31.11.224) is sending traffic to. The problem is that the firewa...
Resolved! FMC, pxGrid and SXP
Hi,Quick clarification. In the FMC, when it says "Subscribe to SXP topic", does it mean that the FMC gets the SGTs data from SXP over pxGrid, right? That's why we need to have the "Publish SXP bindings on pxGrid" checkbox enabled in ISE and there is ...
Good Day All, Hoping you can help me here. I have an old SKU for FMCv on vmware. (FS-VMW-2-SW-K9) Though I'm trying to renew the support SKUs attached to as well. (SWSS/CON-ECMU-VMW) However, because the above FMCv SKU is end of sale. Is there a gene...
I have experienced the weirdest thing. I converted a fpr-1010 from ASA to FTD. I only had port 1 and the management port connected. I was able to configure it, obtain licensing and test out anyconnect. As soon as I would connect anything to any o...
Hello,I am a little confused about the following statement on the document Security and VPN Configuration Guide, Cisco IOS XE 17.x - IPsec Anti-Replay Window Expanding and Disabling [Cisco IOS XE 17] - Cisco"Moving QoS scheduling before the encryptio...
I went to update a pair of FPR1140 that are in HA yesterday using FDM. I had read conflicting instructions online. Ciscos instructions were saying log on to the standby unit (which i cant as its in HA) so I went with some other instructions that sai...
Good Day Everyone.I have a Cisco Firepower Management Center for VMwareSoftware Version 6.5.0.4Operating System Cisco Fire Linux OSOperating System Version 6.5.0that is attached to an ASA5508 Can I safely shut down the Firepower Management Center VM ...
Hi Community,Before upgrading FMC to version 7.4 or later, please verify whether you have an FTD or eStreamer service connected to the FMC in the subnets 172.18.0.0/24 or 172.18.1.0/24. This is important because, after the upgrade, two additional i...
Hi all. I'm trying to migrate an FMC-managed FTD 4125 HA pair to a pair of FTD 4215s. FMC and all of the FTDs are running 7.4.2.1. Is there any way to migrate the FTD interfaces, routing, etc over to the 4215s? I talked to the TAC and they told me ...
Resolved! FMC External Authentication
Hello,We have Cisco FMC, version is 7.0.1I would like to configure access to the FMC based on AD Groups, integration done thought LDAP. At this moment we have 2 AD groups:First - Full Access (Grant-FMC-Admin), Second - Read Only Security Analyst (Gra...
Hello everyone.I'm currently setting up a FMC and while attempting to use external authentication via LDAP, for some reason the FMC is not querying properly.Basically whenever I attempt the test the query, it only finds user machines and groups CNs ,...
