Noticing that the rommon versions required for different OS / Firepower versions are varied, got me looking for a chart / table of the rommon versions to ASA OS / Firepower versions. Does something like that exist? Is it always a good idea to upgrad...
We don't see the hostname/netbios name in the Host profile.
We used to see it wneh we would clike the Computer icon for a Initiator IP.
Discovery policy is set to look for users, hosts and applications. I can see discovery events are refreshing.
I have a pair of 555X in HA mode. Each have SFR modules. I have a Virtual FMC. I added 2 URL Filtering and 2 Malware licenses and the protection license into the FMC. I have added the modules into FMC. I can't seem to allocate a URL license or Malwa...
I am failing to register my ASA with Sourcefire module. I see in the V DC that the syslog says it connected to the module successfully, but fails to authenticate“sftunneld:sf_ssl [WARN] VerifyConnect:Failed to authenticate or to be authenticated by p...
During an upgrade to 1.1.4, one of the Policy nodes didn't deregister successfully. The Primary shows it as now a standalone, but it seems to still be a part of the distributed deployment. I upgraded the Policy node and the rest of the nodes. I tried...
In your Access Control Policy, add a rule at the top, set the action to Block, set the source zone as inside and destination zone is outside. In the rule, select the port tab and in the destination port section choose TCP/8080 as the destination port...
Have you checked your NAT exemptions for that flow. NAT needs to exempt or nat to itself when going from and to the VPN remote side. Unless there are overlapping ip subnets, then you need to source nat where the overlap is.
When you ask for email alerts for Critical and Major events, I assume you mean for IPS events. These IPS events are catgorized by their Impact Flags. These events can be sent as an email alert.Go to System Configuration and setup an email server and ...
You can use a logical interface called port-channel. Port-channels or Ether-channels support up to 8 interfaces in the group (on the 2100). If you use 2 interfaces in the port-channel, you actually double your speed across that link. Should one link ...
a show version will show how many ssl vpn license you have.you are only given 2 SSL VPN simultaneous connections by default.Plus i would upgrade to 9.x code if possible.the 5510 is EOL https://www.cisco.com/c/en/us/products/collateral/security/asa-...
.jpg "Hall of Fame Community Legend"){kind=icon}
