Hello team, I want to use Firepower3120 in multi-instnace mode. I going to create a port-channel on the chassi and assign it direct to instance. The question: is it possible to create subinterfaces for VLANs on portchannel in the instance? I ask, bec...
Forum Posts
Hi,I found configuration below on my customer switch:Extended IP access list ACL-POSTURE-REDIRECT10 permit tcp any 10.0.0.1 0.255.255.0 eq wwwAnyone know what is mean of wildcard 0.255.255.0 ?Glad to hear your response!
Dears, I'am using FTD 6.6.1 managed with FMC, i Configured Internal Certificats, Trusted Certificat, add DNS target with the routed interface, configured the Identity Policy, added it to the Access Policy and allowed it.When now i go the user compute...
Dear Cisco Community, Current in my lab using ISE 3.x with SC 5.x only check Anti-Malware (CS)installed. I plan to config more posture check by enable CS check both (installed and Running). Can you share good practice and how to config it? Thanks for...
I had recently a problem with AzureAD integration with Cisco FMC 7.4.2 and it was getting integrated and was able to partially downloaded and it was giving SQL related error. to get this resolved some highly contained object groups i did excluded wit...
Hi We got the below info from Qualys for security vulnerability issue in device Nexus9300. Look like cipher need updated and ssh rsa key length needs to be changed. I reviewed the below link, but cannot find some configuration to change cipher or ssh...
Recently we renewed Public CA certificate from Entrust to DigiCert for ISE system EAP Authentication, and since then, devices have been failing to authenticate via EAP-TLS. These devices obtain endpoint certificates through the BYOD portal. This is h...
hi, when ever I'm using cisco asa in eveng NOT the ASAV, most of the time the asa it is not showing any interfaces but once in a while is shows interfaces, anybody has any idea of remedy it ? Thank you.
Hi.We have an 1120 that just blinks green in the status LED.So I've connected to the CLI via USB and can see it stops at "Creating FXOS swap file..." when booting from itself. But also if I try to boot with a new image on a USB.When I try to factory ...
Hi Fellas,I have a question, regarding how the ASA with IPS module or Firepower with intrusion policy is able to check VPN traffic.The traffic is coming from a L2L tunnel and does a U turn pointing to a VTI so the traffic never pass through the devic...
Hello,we've a Cisco Firepower 2110 Threat Defense and we're going to move to M365.There's a large set of applications which I can setup in the firewall rules.Is there a best practise guide to setup our Firepower for the inbound and outbound rules? Ou...
good day, in-between TAC support renewal so can't open a case on this , so figured i'd ask of The Communityare there any add'l steps for Azure Gateway-side for traffic-flow thru FTD-based s2s ikev2 tunnel ?got the Tunnel 'up' but no traffic .... have...
This might be a dumb question but how would you set up the ASA firewall 1000 without internet connection? I have a switch that connects to it. I think I can console into it with putty but isnt there a gui ?
I have an ASA that I keep getting this error in the ASDM Syslog messages which I need to fix to troubleshoot a device. Severity 3 Syslog ID 313001 Denied ICMP type=8, code=0 from 10.21.1.100 on interface Work_interfaces I am a rule that permits ICMP...
Resolved! ASA cluster IFC failure
Hi, Team we had an issue with the ASA failover the one should show standby , but it show failed State Last Failure Reason Date/TimeThis host - Secondary Active NoneOther host - Primary Failed Ifc Failure inside: Failed could you help to undertand ...
