About bstewart

bstewart · 01-20-2021

Which versions are affected? My ops team found it with 6.6.0. Good to see there's a workaround, at least.

bstewart · 03-11-2022

Recent versions of FTD now support using the firewall's outside data interface for management, as an alternative to using the management port. You have to do the configuration including IP addresses from the console serial port, and there are a few ...

bstewart · 03-10-2022

It looks like if you want to use syslog, there are three messages111008 - logs the command (Level 5 - Notification) - excludes "show" commands111010 - logs the command and user info (Level 5 - Notification) - excludes "show" commands111009 - logs e...

bstewart · 01-20-2021

Were you trying to allow a specific URL (http://example.com/thing1.html) or just the site (example.com or 150.234.210.205)?The latter shouldn't take a URL filtering license; the Security Intelligence whitelist/blocklist can handle that.(I realize thi...

bstewart · 09-16-2020

You need to check the lifetimes for the ikev2 and ipsec settings, and make sure they're compatible so everything rekeys correctly. Some of them default to 8 hours or 24 hours.

bstewart · 09-16-2020

I've been trying to do similar things to build connections from ASA to Palo Alto (which only does VTI, doesn't like Cisco crypto-map.)The advice I found on the net said "Your ASA is really only using those addresses to decide what interface to send o...

Member Since	‎03-01-2017 02:14 PM
Date Last Visited	‎10-05-2022 12:31 AM
Posts	19
Total Helpful Votes Received	15

User Statistics

User Activity

CSCvs67929 - Firepower Geolocation rules not blocking traffic from blocked countries

Re: FMC to remote FTD deployment

Re: Audit trail in a Cisco ASA

Re: Firepower - Geoblocking countries

Re: I have successfully gotten my

Re: Yes, we have just updated our