Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi there,We recently install the Cisco Security Cloud App for Splunk.I configure the eStreamer services on our FMC (ver 7.4.2.1).I am seeing Connection Events in Splunk.According to this article:https://www.cisco.com/c/en/us/td/docs/security/firepowe...
Hi there,I want to know the IP pool usages on the Firepower for Remote Access VPN users.From the CLI (via system support diagnostic-cli), I can do:show ip local pool [pool name] The 'ask' is if there is other ways to get this info?Does this info avai...
Hi there,I am setting up a new Firepower to be used solely for Remote Access VPN purpose. One interface pointing to the external network, and one interface toward inside network. All AnyConnect VPN traffic would be pointing to another internal fi...
Hi there,I am using a Firepower 3110 to setup Remote VPN services for AnyConnect users. When I editing a VPN group policy (from FMC web UI), there is the "Client Firewall Rules" setting under the "AnyConnect" tab, and the "Traffic Filter" under the ...
Hi there,Read the Admin guide about the endpoint purge policy but can't find answer.There are several endpoint groups that I want to purge endpoint older than 15 days. I know about using the "ElapsedDays GREATHAN" conditions. The "ask" is if I can ...
Hi @elliot_adlerson Not sure if I understand your ask. Currently, I have no rules specifically for VPN users to inside network. I do have rule to allow internal network to reach the VPN IP user range, such as allowing SCCM server to reach out user ...
Hi there,Unfortunately we don't use DHCP services, but use local IP pool built on the firepower to provide IP assignment to AnyConnect use.The current command "show ip local pool" give us what we need (how many IP allocated, and how many are still av...
I am the original poster. We made some good progress with help from Cisco TAC.As to your question, do you actually mean installing MS CA root cert onto the ASA so ASA can authenticate the client cert presented by remote user machine? If so, this is...
