Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
After upgrading our FTD 3110 from version 7.2.5 to 7.2.8, we noticed this message: "Platform Faults: 1 critical events; Code - F1312 Description: Failed to upgrade firmware image. I was able to ssh into the cli of the device and the firmware version...
The following document states you can disable the TCP MSS on an FTD. It doesn't show you how.Is it as simple as setting the TCP MSS value to 0 via flex config?https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-confi...
I have an FTD device managed by vFMC. The FTD management port connects to a Cisco 9606 switch copper into rj45 SFP. During my last two software upgrades, communication with the FTD is lost during the reboot process. The 9606 shows up/up; however, you...
We have an FPR 2110 (running version 7.0.1) managed by an FMC 1600, configured as:Transparent mode; Inline set for the inside and outside port. The GRE tunnel terminates on two L3 cisco switches, so we are not trying to terminate a GRE tunnel from a ...
I'm currently testing and planning our FMC-1600 with FP-2110 devices. My firewall solution must work within a closed network (no internet access). I came across AMP and really like what it can do. My question to anyone is, can I enable AMP within a c...
I had similar strange issues with installing a virtual FMC. Delete and reinstalled a couple of times and it finally worked for me as well. Great post. Thanks for your update.
I should have probably looked at the Cisco bug tool prior to posting this.However, if it helps others also, this appears to be cosmetic:https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwm52579
I can definitely confirm that you cannot complete an upgrade if the FTD has pending deployments. The error message you receive is basic to deploy policy, but it really means "deploy your pending deployments" then perform the upgrade.
Great link. I learned that you can disable the TCP MSS value from this link. Cisco didn't show how to do this. I'm assuming that simply setting this value to 0 disables this setting. Honestly, we prefer to allow our endpoints to use their MSS setting...
