We work with an organization coming in from an AWS EC2 instance trying to connect to an API we have onsite that's behind our Firepower FTD 2130 (7.4.2.1, managed by FMC) firewalls (there is an external/public NAT'd IP address it hits first, but that ...
We have the following identical configuration on 2 Nexus 9K switches in a VPC configuration (both using port Ethernet1/10, both using PO10, and both in VPC10):
interface Ethernet1/10
  description uplink to vSphere vDS 1
  switchport
  switchport mode trunk
  swi...
I've been tasked with ensuring our network devices are using approved ciphers, KEXs and MACs on our network devices. How can I get a listing from Cisco Nexus 9K switches for each NXOS version? Also, what about Firepower/FTD/FMC? On a client, I can...
Security analysts told us that a network security scan shows that the HTTPS service may be running on the management interfaces of our FTD nodes. Trying to access it via browser, it returned the following message:
Service Unavailable
The server is tempo...
We have the 2100 series Firepower in a 2-node cluster (v6.2+) managed by FMC (v6.3+). When we migrated from the ASA, the network objects and port objects from the configuration moved over as very generic names in the new configuration. We haven't t...
If it helps, here is a sequence of sanitized logs from Splunk at about the same time from three sources:
3/14/25 4:08:15.000 PM
Mar 14 12:08:15 <F5-load-balancer-internal-interface-fqdn> [14/Mar/2025:12:08:14 -0400] - <AWS-EC2-instance-source-ip> - <...
Not sure I have a packet capture system handy as most of this is virtual, but to lay it out: AWS API request on TCP/443 comes in from outside to a firewall upstream (we do not manage this) that does NAT against the public IP on the internal RFC1918 de...
I added the vlan to the port-channel and it automatically added the vlan to the interface config as well. The correct format was:
config t
interface port-channel 1-10
switchport trunk allowed vlan 100,200,300,400,500
Thanks!
@Arunkumar Sathasivam was this ever resolved? It seems to have been a bug as the other user pointed out. The HTTP option is disabled (unchecked) for the FTD nodes in the Device Management settings as described, but the 503 message still appears when...
Do you know what version of Python this works with on Red Hat? Looks like Red Hat 8 is distributed with 3.6 and we're running Red Hat 7, which currently has version 2.7.5. I need to export policies (with comments) and Objects (networks and ports).