Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello Community,
i was struggle with a challenge long time and now finally have a solution, which i want to share with you.
The challenge:
Trustsec Domain is broken through VPNs over FirePower FTD between two DNA Fabrics.Find below the traffic flow:...
Hello Community,
i want to build a Hub-Spoke Topology with dynamic VTIs. The final design is using BGP which is working perfectly. For testing i wanted to set a static route from HUB (with dyn vti) to Spoke. But i cannot select the dyn VTIinterface i...
I had issues with ERSPAN in my lab, too. The trick at my lab was, that the ERSPAN interface of FlowSensor and the Mgt Interface if FlowSenor must be in seperate VLANs! Check that
I had the snort-blacklist issue several time. In my case it was always related to SSL Offloading. So please try to:
1.Try Deactivate EVE in ACP
2.Try deactivate "Early application detection and URL categorization" in ACP
3. Try deactivate SSL Policy,...
Hello,
1. I also tried the Umbrella Integration, works good... but it seems that reverse DNS was not working so we went back to VAs. We have Brances asking VAs in central Hub sites at the moment. But Umbrella FTD integration is made for exactly that....
Hello,
i have this setup at my customer. And yes secondary FMC also update IP-to-SGT mappins on FTDs, as all FTDs have always 2 sftunnels open. One to primary and one to secondary FMC. So both FMCs are some kind of always active, you only enable the ...
