About paultribe

paultribe · 04-04-2025

How do I configure SSH sessions to TIMEOUT after 5 minutes on FTD 1K devices, I know you can set console timeout under platform policy, but what about SSH session? Is the console timeout the same thing or do I have to do this somewhere else - for exa...

paultribe · 08-22-2023

We have a situation where: 1) Customer is replacing their Headend Firewall / VPN device (SonicWall); with FTD 1000 using FTD.2) They have several Dynamic S2S VPNs on Draytek routers.3) In testing we found out that the Headend FTD when using dynamic S...

paultribe · 12-03-2020

Is there any simple way to determine the average packet size of IP packets or Ethernet frames that are traversing interfaces on an ASA running FTD code, I know we have the packet capture tool and could probably obtain a smallish snapshot of traffic a...

paultribe · 04-22-2020

I do quite a few ASA to FTD migrations and many customers want a "Big Bang" approach. I am familiar with all the Migration tools that Cisco offer but they do have their limitations. The limitation for me is that I have a customer who has 200 static r...

paultribe · 09-05-2018

I have an issue whereby I am migrating Juniper SSG firewalls that have multiple VPNs to Cisco FTD running FTD 6.2.3 software (Not ASA). The problem is the Juniper SSG's terminate all the s2s VPN's on a loopback interface but the ASA cannot do this....

paultribe · 08-30-2023

I can get the debugs posted as I have replicated the issue in a lab environment with FTDv and a real Draytek of the same model. The issue seems to be with the Draytek rather than the FTD when it comes to using RSA sigs; so we are waiting for them to ...

paultribe · 05-30-2023

BEST POST EVER MATE - I have been trying 3-4 days to get 2 FTDs to use RSA Sigs for a S2S VPN and your post fixed it, TOP MAN !!! Thanks so much, its been driving me mad.

paultribe · 11-18-2020

I totally agree I have customer with the same problem and they do use IPS and AMP. 1 cpu is 90% the other 3 are less than 20. This seems a non optimal setup especially with the advent of SASE. Having said that the ASA55x are being phased out I guess ...

paultribe · 04-23-2020

This sounds great to me - if you do get time it would be great; however don't feel you have to.I would be happy to share in return a training document I wrote for my colleagues which is easier (I think), than following Cisco's guides. Its aimed at ge...

paultribe · 04-22-2020

That sounds about right, with the caveat that I would like to add several static routes from ASA to FTD in one go of course...

Member Since	‎02-06-2009 02:06 AM
Date Last Visited	‎04-07-2025 08:43 AM
Posts	109
Total Helpful Votes Received	1

User Statistics

User Activity

SSH and Console IDLE Timeout

Dynamic S2S VPN between Cisco FTD & Draytek

ASA/FTD Average Packet Size

Firepower API for - Script Static Routes

Issue migrating Juniper s2s VPN to FTD

Re: Dynamic S2S VPN between Cisco FTD

Re: So as no one responded I

Re: ASA 5525-X Hardware Specs Clarification

Re: Firepower API for - Script Static Routes

Re: Firepower API for - Script Static Routes