Correct - you need AnyConnect client licenses. They are not very expensive but they are required. Minimum purchase is 25 each one year licenses @ US$6/user/year list price (US$150 net for one year). ... View more

ACLs are (generally speaking) for traffic going THROUGH the firewall - not traffic TO the firewall. It's as @RJI said for allowing management traffic (which terminates on the firewall - i.e., TO the firewall). ... View more

The question is regarding FMC hardware appliances ("FMCs") - not FMC running as a VM. The Cisco hardware appliances are based on Cisco UCS C220 M4 and M5 type servers. However we do not have the option of using the CIMC interface on those appliances. ... View more

Can you share your details? Such as: version of Firepower, your current Flexconfig, what results you are seeing. ... View more

Your expired license will continue to work for end users. Management of the features for expired licenses will be curtailed. See the following, quoted from the ordering guide:   Relevant ISE releases: 2.2 and later Out of compliance: A license is out of compliance when (a) the deployment uses more than 125% (to account for a temporary burst of usage) sessions compared to the quantity purchased; or (b) the licenses have expired without renewal. Compliance enforcement: The impact described below is experienced after a deployment is out of compliance for 45 out of 60 consecutive days. Alerts will be provided every day that a license is out of compliance. For term licenses, alerts are provided, 90, 60 and 30 days before expiry and also for the last 30 consecutive days before expiry. Impact: There will be no impact to end users. Existing configuration continues to operate without disruption. However, visibility and management of the features associated with an out-of-compliance license will be affected. ... View more

It's still not supported. I haven't heard anything different - even with the soon-to-be-release Firepower 6.6. ... View more

In addition to what @Francesco Molino noted, also please use the Cisco ASA template - not the IOS one. ... View more

You should be able to use the Cisco ASA template for Zabbix to monitor Cisco Firepower Threat Defense (FTD) devices. ... View more

@rcoleman67 this thread is 13 years old. The state of maturity in the pen testing world is a bit different now than it was in 2007. ... View more