Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm confused as to where to place this rule. From my understanding, there should be an allow rule with the File Policy configured to use the associated Malware & File policy. However, the rest of the configuration of that rule is set to allow any any...
I have a server to which I only allow certain IP's. While reviewing events, I could see traffic from an IP which is not in the allowed list being allowed through but have been unable to determine why it has been allowed.Below is the output of a packe...
We have very few WAN-facing devices and, for the ones which are accessible from the WAN, traffic to and from those IP's is restricted to specific IP ranges and ports within the access control policy.However, under 'Security-Related Events' we consist...
Hi. I have a virtual Firepower Management Center and an FTD-1010 on which I've configured a site-to-site VPN for SIP traffic.The tunnel is up and I have a NAT rule configured but, when I perform a packet trace, I'm getting the error:Drop-reason: (ins...
We are in the process of migrating from an older ASA to an FTD appliance. I've had the FTD in place for our site-to-site VPN's and am now at the point where I need to migrate servers which are behind the ASA over to the FTD.We have an externally rout...
Having a router upstream from the FTD, wouldn't it be possible to create a correlation policy and use the Cisco IOS Null Route Module to automate blocking the offending IP's at the upstream router?I began looking into this option this morning but am ...
