Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Reading the FTD 6.3 release notes it states that:
You cannot install Firepower Threat Defense 6.3 or subsequent releases on the ASA 5506-X, 5506W-X, 5506H-X, and 5512-X. The final supported FTD release for these platforms is 6.2.3
This is incredibl...
I have a simple QoS config, that matches RTP and SIP traffic and marks the packets with DSCP values. The weird thing is - it takes exactly 4 minutes after the call is initiated before the packets start getting marked! What on earth could be causing t...
Is there a way to see what country the firepower system thinks an IP is from?
I get that I can create a rule and test whether the packet is allowed or denied - but I'd like more feedback from firepower regarding what country it believes the IP is fro...
So I have a customer that gets hit a fair bit with intrusion attempts etc. They only require external terminal server connections for say country "x".
I have created a firepower control policy which blocks (with reset) all traffic originating extern...
So I have a brand new CDA deployed and patches 1 thru 5 all applied successfully.
I am attempting to connect with a Server 2012 R2 AD server, but am having some troubles.
My CDA AD user is a member of the domain-admins and I have also changed the pe...
Yes. The idea is to evaluate IPs prior to rule creation and without logged traffic.
Mostly this is to evaluate IP blocks which have been assigned to the customer prior to implementing, especially where existing geographic based rules already exist....
Shay, Thankyou so much. I was tearing my hair out!!
The official installation document for CDA does not mention anything about requiring remote registry service. It might be a good idea to add it in!
