cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
536
Views
0
Helpful
4
Replies

SPI Enabled or not in FTD

adity
Level 1
Level 1

SPI Enabled or not in FTD

 

My auditor ask the below points evidence, kindly check and pls help us

1. 

Provide screenshot to show stateful inspection enabled on external firewalls in scope.

2. 

Provide screenshot for anti-spoofing access list or similar settings on external firewall and/or router.

4 Replies 4

ccieexpert
Spotlight
Spotlight

firewalls are by default stateful.. from cli "show conn" will show the stateful connection. as for anti-spoofing ..follow this: https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/interfaces_for_firepower_threat_defense.html#task_34BB9AC8E91946AB847C65FB79D67A5F

We are using the FMC-V setup, and not able to see the options which mentioned in the link

You have to connect and ssh to your FTD managment port. once connected you need to give command "system support diagnostic-cli" once you in the lina you can issue command "show conn"

Here good documentation to start from.

please do not forget to rate.

ccieexpert
Spotlight
Spotlight

what version of FMC ? it doesnt matter virtual or hardware similar options should exist.. also "
show conn" can be run from the FMC for a device .

You can also access the CLI tool through the health monitor for the device (System (

ccieexpert_0-1718343159797.jpeg

 

) > Health > Monitor). From there, you can select the device, click the View System and Troubleshoot Details link, click Advanced Troubleshooting, then click Threat Defense CLI on that page.

Review Cisco Networking for a $25 gift card