About HQuest

HQuest · 07-04-2025

With 45-day certificates in the horizon, it is time to start looking at automating certificate renewals within the FMC and FTD. While adding certificate objects can be done over API, I found many things seems to be lacking - or I am looking at the wr...

HQuest · 05-31-2024

Can I configure a FPR as a road warrior VPN client, without having to reconfigure the main VPN head end every time the FPR gets assigned a different IP address?

HQuest · 08-29-2022

Hi all.FTD v7.2.0.1 configured from scratch as perimeter firewall, FMC managed. For testing purposes, only two zones, "inside" and "outside".I created a NAT policy, set up a static "Auto NAT" rule with "inside" as source zone and "outside" as destina...

HQuest · 07-06-2021

Running FMC 7.0.0-64, I have email notifications (Policies / Actions / Alerts / Intrusion Email) turned on for intrusion policies (Snort 3, if that makes any difference), and there are only a few of those notifications that are enabled (as set on Ema...

HQuest · 06-05-2021

Warning: this is a salty message. You have been warned.While FMC 7.0.0 had a lot of nice and needed features, it went backwards in many others - including basic system functionality. Today’s case in point, the FMC internal email notification system (...

HQuest · 04-04-2025

All of my FPR devices are FMC managed, so yes. I had one series of deployment failures a while ago on devices that started their life as 6.2 - I think this was around 7.2 days. We had to reimage them as 7.2 and while some were back with a configurati...

HQuest · 04-04-2025

I have noticed this error happening much more often on lower end firewalls such as the FPR1010 but have seen the error on larger, busier units too. The firewall fails to unpack/process the AnyConnect images during deployment because it runs out of me...

HQuest · 04-02-2025

Thanks Marvin, that is helpful.I'm wondering, though, if this is sustainable and/or long term. The expired beaker3 certificate has been refreshed but with a short 4 days/96-hours lifetime. Is this workaround truly to give Cisco just enough time to pu...

HQuest · 04-02-2025

So, is this related and/or limited to 7.7.0-91? I see there is now a disclaimer "If you are already running 7.7.0-89. Do not upgrade/install the newly posted image (7.7.0-91). Reach out to Cisco TAC for a workaround." at the software download section...

HQuest · 03-31-2025

root@fmc:/var/sf/beaker3# grep client_cert /etc/sf/beaker3/beaker3.cfg.templateclient_cert = /var/sf/beaker3/securefirewall-dev-prod-01_prod.pemroot@fmc:/var/sf/beaker3# openssl x509 -text -in securefirewall-dev-prod-01_prod.pemCertificate:Data:Versi...

Member Since	‎11-16-2010 11:15 AM
Date Last Visited	‎07-04-2025 12:36 PM
Posts	122
Total Helpful Votes Received	120

User Statistics

User Activity

FMC 7.7.0 API calls for certificate management

FPR as road warrior VPN client

FTD leaking traffic

FMC: Disable email notification for specific blocked intrusions

FMC 7.0.0 does not correctly configure TLS for Email notifications

Re: FPR-1010 Deployment Failed - "The disk is (or was) full durin

Re: FPR-1010 Deployment Failed - "The disk is (or was) full durin

Re: Talos Connectivity Problem

Re: Talos Connectivity Problem

Re: Talos Connectivity Problem