Activity in Security
ASA AnyConnect ldap authentication works but ldaps does not
So I created a copy of my primary firewall HA pair which is the main AnyConnect hub. This primary pair uses ldaps to communicate with my domain controllers.The "copies" are unable to communicate using ldaps, but work fine using ldap. Is this a Cisco ...
Resolved! Increase Cisco FTD and FMC Default Disk size in VMware Workstation.
Hello guys,So as we deploy (add) the Cisco FTD and FMC in VMware Workstation with the .ovf file, the default disk size is very less and since we can thin provision, how can I increase this size to 2 TB.Also, once I upgrade my Cisco FTD or FMC, does t...
Secure Firewall Cluster interface health behavior
Hi,I have two questions on the behaviour of 3100 Secure firewalls in a cluster and interface health checks.We have a pair of 3100 secure firewalls (running FTD), that we have setup in a cluster, managed by FMC. All devices connected to the two FW's u...
import generated YARA rule in Firepower
Hello, How i can import YARA rule in Firepower Thanks,
Required IPs and Ports for Secure Malware Analytics
The Cisco Document Team has posted an article. This document describes the network information that is required to be added to your firewall for the Secure Malware Analytics to operate properly. Know of something that needs doc...
Estreamer to Microsoft Sentinel
Tring to get an on-prem virtual FMC server and Azure based Ubuntu box to operate as estreamer in CEF. Cannot get past the following error TypeError: SSLContext.wrap_socket() got an unexpected keyword argument 'keyfile' - full output below.Ubuntu 24.0...
Resolved! firepower custom URL feed in ACP rule
My understanding is that URL feeds in FirePower SI are updated dynamically and take effect w/o having to do a policy deploy to the FTD. Does the same apply to custom URL feeds used in an ACP rule? My idea would be to create a custom URL feed on a loc...
ASA Failover, Primary becomes secondary but stays active
I have a pair of FPR2130 running ASA code in HA. Everything looks configured OK to me, though obviously there's an issue somewhere! sho failover presents no errors.I need to failover to compete a firmware upgrade, however when via the primary device ...
Fallback procedure for Firepower 2100 series(platform mode)
We are using a Firepower 2100 series.This Firepower is running in platform mode and 9.16(2)14 as the OS. We are considering upgrading to the 9.18.4 series to fix a known vulnerability.I am assuming this will not be a problem as there is a proven proc...
Firewall Port For Cisco ESA
In Firewall Infomation for Cisco ESA, i see port 628 and port 2222 for the direction it show In & In. What is the meaning of In & In ? Thank you
Disable IPS on Firepower 4120 for PSN/PCI Scans
We are currently operating Firepower 4120 devices with version 7.2.6.As part of our annual requirements, we need to conduct PSN scans.To accommodate these scans, it's necessary to disable the IPS feature, as it interferes with the process.Our Access ...
Find Specific logs in ISE for the last 30 days
Hello.I'm new on ISE, I want to find the logs for the last 30 days for all user that failed to connect to VPN with root cause 'wrong password', also the result of comparission between success and failed authentication that showed in Circle diagram if...
Firepower 1120 stuck in boot and factory reset
Hi.We have an 1120 that just blinks green in the status LED.So I've connected to the CLI via USB and can see it stops at "Creating FXOS swap file..." when booting from itself. But also if I try to boot with a new image on a USB.When I try to factory ...
ASA to FTD migration failing when selecting RAVPN.
I am attempting to migrate an ASA configuration to FTD and when I run the migration tool and the below selected the parsing fails. When I deselect RAVPN option the parsing is successful. What could be causing this?I have checked the licencing on the ...
Using an ASA as a router
Hello,the question is in the title. Is it possible to use the ASA as a router between 2 internal networks? interface GigabitEthernet1/1nameif outsidesecurity-level 100ip address 10.0.1.254 255.255.255.0interface GigabitEthernet1/2nameif insidesecurit...
| User | Helpful Count |
|---|---|
| 41 | |
| 39 | |
| 33 | |
| 32 | |
| 24 |
