Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1651
Views
0
Helpful
5
Replies

ASA 5506 FirePower Configuration

larrycraig
Level 1
Level 1

‎11-12-2019 10:55 AM - edited ‎02-21-2020 09:41 AM

Hello,

    We upgraded our 5505 to a 5506 with FirePower to take advantage of the increased bandwidth and the FirePower Services for security.   Previously we had extensive object groups for access and denial and we wanted to transition to the FirePower for security as much as possible.

 

    Out of the box our FirePower was broken and it took a couple of month to get Cisco to help us get that functional. But the stopped short of helping us understand how to configure it. They added one simple rule to allow everything and that was it.

 

   I am now looking for help, direction, advice on how to configure the firepower for security.  We would like to eliminate some of our groups that were mainly created to deny access to other countries, something firepower is said to do automagically via geo-fencing. I don't want to go down a rabbit hole with this one post, I would like to start with geo-fencing to allow north america only.   Then we will strip out some of our groups and work from there.

 

   Our old method was to subnets based on information off the internet. Then troubleshoot when someone couldn't send us email. It was messy and not a very clean way to secure a site.

 

  Thanks in advance for any assistance.

 

0 Helpful
5 Replies 5

Oleg Volkov
Spotlight
Spotlight

‎11-12-2019 12:49 PM

Hello!

Can You tell us what license on firepower You have?

Also, do You have FMC or You want to configure FirePower from ASDM?

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
0 Helpful

larrycraig
Level 1
Level 1
In response to Oleg Volkov

‎11-13-2019 05:50 AM

The only thing that I can find about FirePower licenses seems to imply that we have the Protection and Control licenses but not the URL Filtering or Malware.  We also do not have FMC at this time and will be leveraging ASDM for configuration.

 

Thank you for your assistance.

0 Helpful

Oleg Volkov
Spotlight
Spotlight
In response to larrycraig

‎11-13-2019 12:46 PM

Ok. I want post detailed instruction later
--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
0 Helpful

larrycraig
Level 1
Level 1
In response to Oleg Volkov

‎01-23-2020 08:09 AM

Anyone else that can supply some direction here?

0 Helpful

Oleg Volkov
Spotlight
Spotlight
In response to larrycraig

‎01-23-2020 11:23 AM

Sorry , I was busy , I try answer tomorrow 

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card