Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Decided to take the plunge and reimaged my 5506W-X to FTD versus ASA. I love NOT having to have Java on my PC in order to access a GUI. However, I do not like the firePOWER CLI. My impression is that you can see the config in ASA format but you ca...
All traffic going through the ASA is uncategorized.
How does it become categorized?
License Info
Malware Valid License 1 2019-07-16 08:22:42
Protection Control Valid License 1 Never
URL Filtering Valid License 1 2019-07-16 08:22:42
System Info
...
I have an upgraded a 5516X
5516X running 9.6(2)
ASDM on 7.6(2)
FirePOWER 6.1.0-330
There is supposed to be this awesome new and most importantly Non-Java based device manager called the Firewall Device Manager that comes included with FirePOWER 6.1....
I have Cisco ASA 5516X with FirePOWER services. I received the FirePOWER running SFR 5.4.1-211.
Via CLI - I performed a reimage of the device to upgrade the boot image and the software to 6.0.0-1005.
Via ASDM - I was able to use the update feature to...
Correct, but this is past cert pinning and HSTS. This is specific only to Chrome and google domains. For example google.com works on IE, Edge, Firefox and Opera. Even though they are pinning the cert we resign and they accept it but Google Chrome ...
yeah you would think the ASA/SFR would be aware but oh well. It appears support.sourcefire.com is similar to google.com in chrome. Another issue we are having where resigning google certs fails to load the page. All the workarounds (from cisco and...
Just getting back to this.....
This issue was caused by the SSL inspection configuration. It was set to "Decrypt - Resign" all SSL traffic. I added a "Do not decrypt" rule at the very top of the SSL Policy for the ASA and SFR module. Once deployed...
When I try to:Download RulesError Peer certificate cannot be authenticated with known CA certificates
Download UpdatesError Download updates failed: Peer certificate cannot be authenticated with known CA certificates
Update URL FilteringError Faile...
