A customer is running an FTD 1120 using Firepower Device Manager. They had ports HTTPS, SMTP and ESMTP open to their Exchange server, and it was accessed due to the Exchange flaw. We turned off HTTPS access, so that the rule currently looks like this...
I attempted to create an access control rule for IPS and AMP from information I found online, and apparently it was completely wrong, because it had the effect of ignoring all block rules and opening up my whole network to the Internet. No matter wh...
I configured a remote access VPN on my FTD 1120 using the Firepower Device Manager but it's not working - at first we could get connected but not browse any network resources, so we backed out of our changes and put it on hold. Now I've come back to ...
I have a case open with Cisco regarding this, but the owner is not responding to me, so I thought I'd look for help here. I have a 25-pack of AnyConnect Plus licenses showing up as a PAK number in the traditional licensing section of the software si...
I am trying to configure an FTD1120 and am having trouble with the access list commands. We're not able to configure a management VM, so we're using the 1120's onboard Device Manager. Right now we're just trying to get access out to the Internet and p...
Hey Rob, thanks for your assistance. One colleague suggested I specify Outside as the source zone and Inside as the destination zone, but does that really make a difference? I don't see that it would make the rule more secure, just more specific. Th...
While that IPS rule was created I did see it reject some PHP attacks on the blocked port, so I turned that rule off temporarily, but eventually I want to turn it back on. It's just for one specific job so when I re-enable it I'll do it with the highe...
Thanks Marvin, that makes sense. Doing it that way I could choose different levels of IPS for each of the rules? So on the SMTP rule I could choose Balanced, and on that currently blocked rule I could set it to Security over connectivity?
Thanks for the answer, Rob. I'd love to troubleshoot, but the main problem that I didn't mention above is that something has happened and I can't even log into the VPN anymore. We haven't set up AAA or anything yet, we're just working off a local u...