There is typically no need to duplicate rules between the prefilter and Access Control Policy (ACP). The prefilter in Cisco FTD is an early stage in the packet processing pipeline, and its purpose is to quickly drop obviously unwanted traffic based o...
It seems like there might be an issue with the User Identity policy that is preventing some users from being used in policy, even though their details are being correctly retrieved from ISE-PIC. This might require a closer look and troubleshooting.
...
Let me address each question:
1. Adding an FMC to CDO (CDO)
When adding a Firepower Management Center (FMC) to Cisco Defense Orchestrator (CDO), the minimum commands needed on the firewall may vary depending on your specific setup and requirements....
If you're looking to create a new user account for your Cisco Firepower 4000 series device and grant it the necessary permissions, you can follow the steps below.
Connect to the device using your admin account through SecureCRT or any other SSH cl...
The logs you're seeing are not necessarily indicative of an issue. They seem to be informational messages about URL lookups from the firewall engine. These are URLs that your system is trying to access, and the firewall is retrieving information abou...