About darrenj

darrenj · 03-24-2025

Hey all, I'm migrating from an ASA to FTD (managed by FMC). In the current ASA deployment, we have lots of VPN users that connect to a single tunnel-group and authenticate using local user credentials configured on the ASA. Now for the magic....based...

darrenj · 03-19-2025

Simple scenario, one FMC managing two pairs of firewalls in HA. To repeat there is one FMC and no plan to deploy another for redundancy. If FMC was to completely fail, I'm guessing the firewalls keep working with the last pushed FMC config. If I need...

darrenj · 01-07-2013

Hi all. I have always had challenges trying to 'prove' the importance of 802.1x and some of the advanced functionality provided by Cisco ISE. The OG150 (www.og150.com) is an automated penetration testing drop box. Once plugged into the network, it wi...

darrenj · 03-20-2008

Hey all, hopefully this is a quick one. Does anyone know or can share a link, that discusses CallManager versions and the supported operating systems.For example, CallManager v6.0 can run on O/S x and y.I would like a quick snapshot for reference if ...

darrenj · 05-25-2007

Hello all, hopefully someone out there can help me!A WLAN is deployed in England and is therefore subject to ETSI rules. The EIRP (Effective Isotropic Radiated Power) rule for ETSI countries, stipulates a maximum of 20dBm EIRP. This is further broken...

darrenj · 03-26-2025

Hi there, so yes the traffic was working in a lab. I had an FMC pushed rule that allowed two devices to communicate via ping and SSH. All good. I then changed the rule to only allow ping. Now, the two devices can ping but SSH fails because it hits th...

darrenj · 03-25-2025

Thanks for checking my sanity your side too mate. It is quite lame I must say, its been close to 10 years now and still so much functionality has been lost in the move from ASA to FTD/Firepower. I've worked on Cisco firewalls for about 20 years now (...

darrenj · 03-25-2025

Hi Marius, I'm genuine grateful for you input but have the read the initial post I made? This is not a "typical scenario" where I'm pushing config from FMC to FTD and traffic flows are not working (that is straightforward). I'm trying to see what opt...

darrenj · 03-24-2025

Hey Marvin, thanks for this idea (its been a while since I used DAPs!). I looked into it, I could set a user message, network ACL and "custom attribute" in a DAP. The network ACL ticks my first requirement, but the custom attribute only appears to su...

darrenj · 03-24-2025

Hi there, yes before I did this test I can both ping and SSH between the two. Like I say, the rule is applied but the traffic not allowed - I assume because Snort or some other engine blocks it as it was not configured/deployed from FMC.....

Member Since	‎10-22-2001 07:51 AM
Date Last Visited	‎11-10-2025 02:05 PM
Posts	165
Total Helpful Votes Received	16

User Statistics

User Activity

FTD - AnyConnect Local User migration from ASA.

FMC failure - FTD change scenario.

How to sell Cisco ISE.

CallManager Operating System

EIRP Rule!!

Re: FMC failure - FTD change scenario.

Re: FTD - AnyConnect Local User migration from ASA.

Re: FMC failure - FTD change scenario.

Re: FTD - AnyConnect Local User migration from ASA.

Re: FMC failure - FTD change scenario.