About ashaw216

ashaw216 · 03-23-2021

Looking for the Intrusion Rules that match these CVE's; the first one shows up but the others do not. Alerts about these from F5 were sent out around 3/10/21, does anyone now where the other Intrusion rules for these might be? CVE-2021-22986 (fou...

ashaw216 · 11-14-2019

We have a separate intrusion policy for ingress trafffic from the internet to our DMZ servers. When I run Firepower Recommendation on this policy, it suggests changing dozens of old browser vulnerability snort rules from Disabled to Generate Event an...

ashaw216 · 05-16-2018

Here is what I'm trying to do: we have a edge mail appliance that is receiving bounce emails that are being detected as SMTP_RESPONSE_OVERFLOW. I'd like to be able to ignore this detection for that host, but I don't see an easy way to do this....

ashaw216 · 04-18-2018

Running FP 8130 appliances, within FP Management we are seeing "Decryption Error" for port 443 traffic. We have a valid root cert for the MtM decryption process. Where can we find more information about WHY this has a "Decryption Error"?

ashaw216 · 04-12-2018

We are running FMC virtual 6.2.2. I am trying to implement External Auth under Users > External Authentication, but it looks like the Base DN and the Filters don't like groups containing spaces (e.g. CN=Some_Group,OU=Security Groups,OU=Level,DC=Doma...

ashaw216 · 03-24-2021

Thanks for the suggestion. Our FMC shows that it's running the 03-22 vrt and I found those SIDs, but how did you figure out which CVEs these go to? The Rule Documentation reference link leads to a "Missing documentation" page on Snort.

ashaw216 · 07-12-2019

Are there any solutions for an actual real-life situation? Simulations are one thing...

ashaw216 · 09-18-2018

Qamar, While it is a VM, it's running with the recommended 16GB of RAM. The issue occurs in Chrome, Edge and IE, for multiple people. The certificate being used is the built-in one with the 2048-bit key, so I'm not sure that the bug y...

ashaw216 · 09-17-2018

@Qamar Islam wrote: Hi, What version you have installed? For version 6.2.1 you need to first meet the minimum requirements of the Cisco FMC specifications. Title of this thread says it all... 6.2.2

ashaw216 · 09-17-2018

Is there any way around this? We have restarted the FPMC but the issue isn't going away. It's been several HOURS now!

Member Since	‎03-17-2004 10:00 AM
Date Last Visited	‎08-09-2021 12:31 PM
Posts	85
Total Helpful Votes Received	15

User Statistics

User Activity

Firepower still missing latest F5 CVE's?

Firepower recommendations for intrusion polciy

Exemption specific intrusion rule for host

"Decryption error"

External auth with groups containing spaces

Re: Firepower still missing latest F5 CVE's?

Re: Cisco FMCv version 6.2.2 GUI error system processes are starting please wait

Re: Cisco FMCv version 6.2.2 GUI error system processes are starting please wait

Re: Cisco FMCv version 6.2.2 GUI error system processes are starting please wait

Re: Cisco FMCv version 6.2.2 GUI error system processes are starting please wait