Security

ESA huge amount of traffic on external Interface via Port 80

Hi everyone,we're using a single ESA C300V with round about 1100 E-Mail users. Our network team detected a huge amount of traffic on the ESA's external Interface (from/to Internet) on Port 80 and on Layer 7 "web-browsing" and asked me what's going on...

ISE 2.7 to 3.2 migration

hello I am working on an ISE v2.7 to v3.2 upgrade /migration I have staged a VM with a v3.2 build I am trying to understand the timing of the handover for example if I restore the production configuration & install the certs from v2.7 to the v3...

Node not able to join deployment

I am unable to join a node to the deployment even though I am able to ping PAN to new node and vice versa? What could be stopping this?

FTD Missing Logs

FTD 7.4.1I’m currently troubleshooting an issue with our FTD and I’m unable to generate logs, which is puzzling. I ran a system support trace that produced a few logs with an ID, and I matched that ID to my access list, confirming that logging is ena...

Geolocation data not showing after uppgrading FMC to 7.4.2.1

Hello, After upgrading a coupple of FMCs to version 7.4.2.1, we noticed that the "Initiator Country" on the connection events page no longer show any data. We tried to manually update the GeoDB file, but we still not seeing any country information. H...

Resolved! FMC-ASA-SFR compatibility

Hello Cisco Community,I have an ASA 5545-X running with the following versions:ASA Software: 9.14(4)24Firepower Module (SFR): 6.6.7Firepower Management Center (FMC): 7.0.6I'm planning to upgrade my FMC to version 7.3, but I'm unsure about the compati...

Resolved! Setup wizard not working for virtualized ISE 3.3

Hi everyone,While deploying ISE 3.3 on VMware, I encountered an unusual issue. When I entered the "setup" command, there was no response. I’ve tried resetting the VM, rebooting it, and even powering it off and back on, but the problem persists.All th...

is public to public NAT possible?

I have traffic flow like shown below -A Microsoft public IP > a public IP on our DMZ firewall on prem > NAT > an private IP on prem.Is it possible to configure FW to forward traffic as shown below?A Microsoft public IP > a public IP on our DMZ firewa...

Have any CISCO On-premise mail security?

If you have CISCO on-premise mail security, kindly give me a datasheet of this.

Howto: TLS cipher and version analysis for 802.1X clients using Syslog

Hi community,I was challenged to find out, which 802.1X supplications use legacy TLS versions (and ciphers) for TLS based EAP methods (like EAP-TLS or PEAP). Main motivation is to harden the ISE configuration by disabling legacy TLS versions and ciph...

Resolved! Operating System policy - Android 15

In my Global Policy, I have an Operating system setting:Allow Android devices:Encourage users to update if less than the latest.Encourage to update: after 30 days.Block versions: if less than the latest.Block: after 60 days.The problem I'm having is ...

Fmc migration

We are planning to move the Cisco FMC server from the CentOS KVM server to the Ubuntu 22.04 KVM server. Does anyone have any document for same. Additionally what are the precaution need to take to address this

FMC Policy Export

HiThe Cisco Doc for the Policy import/export says the below, Does this mean just the FMCs should be on the same version and the FTD can be on a different version ?? (The importing and exporting appliances must be running the same version of the Firep...

TEAP Problem with Windows 10, ISE 3.2 with Patch 7 and EAP Chaining...

Hi all;Consider the following scenario:The client is configured as follows:The target computer and the user both have installed required certificates installed as you can see below:Now, the client machine is booted up and the following event is recor...

FTD 1010 ACP with manual URL not blocking

Hello, community!I'm using FTD1010 managed by FDM with latest FW 7.4.2-172. I'm getting unexpected behavior with the box, that passes traffic however it should not do so.I configured 2 rules with logging:I configured SSL Decryption to match this traf...