Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I would like to upgrade the FTD equipment on my campus to release 7.4.1 (latest available), but I can't understand if it is reliable or not. Cisco continues to recommend release 7.2.5 (which has serious security bugs anyway). Version 7.4.1 was releas...
Hello,
I have a problem with the HA configuration of two FMCs. In the standby appliance in the sftunnel configuration file I found an ip address which does not exist and which the process keeps trying to reach. After some investigation I found that t...
After several policy imports from ASDM to FMC I am going to migrate some policies created through CSM. The tool is still the same (Firewall Migration Tool 2.5.3) and the firewall model is the same as the previous ones (ASA 5585) but after the migrati...
Sorry for the perhaps obvious question but I got slightly lost. What is the difference between the syslog configuration set under FMC-Devices-Platform Settings and the one that is done under FMC-Policies-Logging?My goal is to get the Policies log lik...
Good evening, a simple question.Is there a match between ports (UDP-TCP) and applications in the FMC?In the case of a policy configuration I would like to use applications instead of ports but I am in the situation of not being able to find any appli...
Hello Bandi,
version 7.2.5 has the following security vulnerabilities:
CVE-2024-20353
CVE-2024-20359
CVE-2024-20358
I think I will upgrade to version 7.2.7 although I cannot understand how after almost a year the development of version 7.4 is still u...
Hi BB,
the migration tool works perfectly and I extracted the policies from the ASA and submitted to the FMC. Unfortunately, the rules are not aggregated by source or destination as in the CSM. In previous imports (again from ASA cfg file) I obtained...
HI BB,thanks for the answer but I was interested to know if (as for other firewalls) there is a match between services and ports involved in the service. If it doesn't exist it would be interesting to insert it in the Applications Detectors descripti...
Hi Milos,in a multi instance environment I cannot create a subinterface on interfaces that are part of an instance using Firepower Chassis Manager (I received the following error: Failed to create the subinterface, because the parent interface, 'Ethe...
Hi Rishabh,
thank you for your answer
After your replay I checked the ACS configuration looking at the privilege cmd list in Shell Command Authorization Set.
In effect I forgot to include "more" command in the shell list and after the correction the ...
