Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I have a Firepower 1010 with currently version 7.0.0 FTD image installed (also tried with 6.6 and 6.7), but i am unable to get IPv6 working. My ISP provides me with IPv4 address through PPPoE, and a /48 IPv6 prefix through normal DHCP. IPv4 is wo...
I have a strange issue on a fresh installed Firepower 1010 box. The firewall has a normal internet connection configured, and is registered with it's smartnet contract.It is able to get the hourly Security intelligence feeds, but fails the geo, intru...
Hi,
On our Firepower system we block all incoming malware after file lookup.
We have an issue on incoming SMTP traffic; because the incoming malware has been blocked (and connection is reset), the sending SMTP will retry to send us the same mail wit...
I opened a TAC case for this, looks like prefix delegation isn't possible without Firepower Management Center. TAC pointed me to https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx24561, so i'll keep an eye on that.
I'm a bit further with information from my ISP. It turns out that they use IPv6 prefix delegation, so i should setup the Firepower interface to use that.I cannot find how to set up prefix delegation, but i found a bit of asa code to set an interface ...
Thanks for the replies. I pushed my laptop into the ISP-VLAN, but didn't get an IPv6 address by DHCP.Will need to do an extra check; maybe i need my laptop to setup the IPv4 PPPoE aswel to be able to get an IPv6 address though.I will probably check t...
Thanks for checking!I tried setting those DHCP for IPv6 options, however the device doesn't seem to pick up an IPv6 address: outside is up, line protocol is upIPv6 is enabled, link-local address is fe80::a2b4:39ff:fe3a:76c8No global unicast address i...
I did some digging into TCP MSS, and created a flexconfig policy with MTU 1448: (1448 by my ISP advice) sysopt connection tcpmss 1448 With that setting applied, i can connect to the SSL port, and i can retrieve the updates.
