Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect, Duo, Secure Access and more.
So I created a copy of my primary firewall HA pair which is the main AnyConnect hub. This primary pair uses ldaps to communicate with my domain controllers.The "copies" are unable to communicate using ldaps, but work fine using ldap. Is this a Cisco ...
Hello guys,So as we deploy (add) the Cisco FTD and FMC in VMware Workstation with the .ovf file, the default disk size is very less and since we can thin provision, how can I increase this size to 2 TB.Also, once I upgrade my Cisco FTD or FMC, does t...
Hi,I have two questions on the behaviour of 3100 Secure firewalls in a cluster and interface health checks.We have a pair of 3100 secure firewalls (running FTD), that we have setup in a cluster, managed by FMC. All devices connected to the two FW's u...
The Cisco Document Team has posted an article. This document describes the network information that is required to be added to your firewall for the Secure Malware Analytics to operate properly. Know of something that needs doc...
Tring to get an on-prem virtual FMC server and Azure based Ubuntu box to operate as estreamer in CEF. Cannot get past the following error TypeError: SSLContext.wrap_socket() got an unexpected keyword argument 'keyfile' - full output below.Ubuntu 24.0...
My understanding is that URL feeds in FirePower SI are updated dynamically and take effect w/o having to do a policy deploy to the FTD. Does the same apply to custom URL feeds used in an ACP rule? My idea would be to create a custom URL feed on a loc...
I have a pair of FPR2130 running ASA code in HA. Everything looks configured OK to me, though obviously there's an issue somewhere! sho failover presents no errors.I need to failover to compete a firmware upgrade, however when via the primary device ...
We are using a Firepower 2100 series.This Firepower is running in platform mode and 9.16(2)14 as the OS. We are considering upgrading to the 9.18.4 series to fix a known vulnerability.I am assuming this will not be a problem as there is a proven proc...
We are currently operating Firepower 4120 devices with version 7.2.6.As part of our annual requirements, we need to conduct PSN scans.To accommodate these scans, it's necessary to disable the IPS feature, as it interferes with the process.Our Access ...
Hello.I'm new on ISE, I want to find the logs for the last 30 days for all user that failed to connect to VPN with root cause 'wrong password', also the result of comparission between success and failed authentication that showed in Circle diagram if...
Hi.We have an 1120 that just blinks green in the status LED.So I've connected to the CLI via USB and can see it stops at "Creating FXOS swap file..." when booting from itself. But also if I try to boot with a new image on a USB.When I try to factory ...
I am attempting to migrate an ASA configuration to FTD and when I run the migration tool and the below selected the parsing fails. When I deselect RAVPN option the parsing is successful. What could be causing this?I have checked the licencing on the ...
Hello,the question is in the title. Is it possible to use the ASA as a router between 2 internal networks? interface GigabitEthernet1/1nameif outsidesecurity-level 100ip address 10.0.1.254 255.255.255.0interface GigabitEthernet1/2nameif insidesecurit...