About davparker

davparker · 09-30-2024

We just renewed our Cisco contracts. Come to find out our Cisco Secure Firewall Management Center for Virtual expires on April 30, 2025. This was not flagged during the renewal process. We are licensed via a Smart Account. Apparently our license stil...

davparker · 09-18-2024

We have a managed router solution on our WAN. We don't have direct access to the router, configs, logs, etc. (Inherited this design).MRS <-> C9300 (layer3)At each location the C9300 switch is also configured as the DHCP server.At one location, the pr...

davparker · 08-22-2024

I just implemented a correlation policy to scan New Host Discovered and Unknown Operating System rules using NMAP. I have a test box in the network protected by FTD. To test the policy, I deleted the test box host record then started generating traff...

davparker · 08-15-2024

Hello,I'm trying to configure Cisco Secure Firewall ACP File Policy to exclude Windows Updates from being scanned. I inserted an ACP rule just above the rule with the File Policy. It simply allows traffic to Microsoft Updates or Windows Updates with ...

davparker · 07-08-2024

I've got a weird issue. Per policy, I've got a list of categories/URLs for web sites to do not decrypt. In my SSL Policy I created rules for each classification so I can track which rule gets hit for DND. Every rule has logging enabled, even the Defa...

davparker · 08-23-2024

I found the Cisco Secure Firepower documentation on setting up decryption to be lacking. If you are in an Active Directory environment, this video may be useful.https://www.youtube.com/watch?v=tAIdcZ3EBiwOnce you have the Sub-CA enabled and are able ...

davparker · 08-23-2024

Yes, network discovery is enabled sometime prior to implementing the correlation policy. It had already detected my test box previously. I also schedule weekly nmap scans on the FMC for the network. The host profile was built out. I just deleted the ...

davparker · 08-23-2024

Have you tried a rule where you block the detected application? You could try inserting that about the rule that blocks the URL list.

davparker · 08-22-2024

Everything looks good now. I tweaked the rule config and Windows Update traffic is matching the rule. I did change it to trust as well.Thanks - David

davparker · 07-25-2024

I do have a TAC case open. I was able to demonstrate the problem with the Unified Event viewer missing log data. Connection Events and Syslog data are fine. At the moment not depending on Unified Events viewer for troubleshooting.

Member Since	‎04-14-2023 01:48 PM
Date Last Visited	‎09-19-2024 03:36 AM
Posts	44
Total Helpful Votes Received	9

User Statistics

User Activity

EOS EOL Cisco Secure Firewall Management Center for Virtual

DHCP Snooping C9300 switch acting as a DHCP server

Network Discovery and Correlation with Scan New Host

Cisco Secure Firewall File Policy exclude Windows Updates

Secure FMC Policy Trace SSL Decryption?

Re: Blocking TikTok app on Firepower 2140

Re: Network Discovery and Correlation with Scan New Host

Re: Blocking TikTok app on Firepower 2140

Re: Cisco Secure Firewall File Policy exclude Windows Updates

Re: Secure FMC Policy Trace SSL Decryption?