Hey all, I'm migrating from an ASA to FTD (managed by FMC). In the current ASA deployment, we have lots of VPN users that connect to a single tunnel-group and authenticate using local user credentials configured on the ASA.
Now for the magic....based...
Simple scenario, one FMC managing two pairs of firewalls in HA. To repeat there is one FMC and no plan to deploy another for redundancy.
If FMC was to completely fail, I'm guessing the firewalls keep working with the last pushed FMC config. If I need...
Hi all. I have always had challenges trying to 'prove' the importance of 802.1x and some of the advanced functionality provided by Cisco ISE. The OG150 (www.og150.com) is an automated penetration testing drop box. Once plugged into the network, it wi...
Hey all, hopefully this is a quick one. Does anyone know or can share a link that discusses CallManager versions and the supported operating systems. For example, CallManager v6.0 can run on O/S x and y. I would like a quick snapshot for reference if ...
Hello all, hopefully someone out there can help me! A WLAN is deployed in England and is therefore subject to ETSI rules. The EIRP (Effective Isotropic Radiated Power) rule for ETSI countries stipulates a maximum of 20dBm EIRP. This is further broken...
Hi there, so yes the traffic was working in a lab. I had an FMC pushed rule that allowed two devices to communicate via ping and SSH. All good. I then changed the rule to only allow ping. Now, the two devices can ping but SSH fails because it hits th...
Thanks for checking my sanity your side too mate. It is quite lame I must say, it's been close to 10 years now and still so much functionality has been lost in the move from ASA to FTD/Firepower. I've worked on Cisco firewalls for about 20 years now (...
Hi Marius, I'm genuinely grateful for your input, but have you read the initial post I made? This is not a "typical scenario" where I'm pushing config from FMC to FTD and traffic flows are not working (that is straightforward). I'm trying to see what opt...
Hey Marvin, thanks for this idea (it's been a while since I used DAPs!).
I looked into it, I could set a user message, network ACL and "custom attribute" in a DAP. The network ACL ticks my first requirement, but the custom attribute only appears to su...
Hi there, yes before I did this test I could both ping and SSH between the two. Like I say, the rule is applied but the traffic is not allowed - I assume because Snort or some other engine blocks it as it was not configured/deployed from FMC.....