I am curious, for all the Allow rules, does the order of the access control policy affect the platform in a large way? What I mean is if there are a few hundred rules, is it important to put the most active flows at the top of the list and the rules ...
Forum Posts
I have a remote site with a Cisco 1010 FirePower connected to our main datacentre via a Site-2-Site VPN....The 1010 FTD is managed via the FMC located in our datacentre. I had to make a change to the DH groups on the VPN due to certain groups being d...
Resolved! Cisco Firepower 1010 Appliance mode
Hello, everyone We have Cisco Firepower 1010 with ASA in appliance mode. Can we manage FXOS via ASDM or FMC and using IPS? Like Firepower on 55xx-X Models. The documentation saying: Unsupported FeaturesGeneral ASA Unsupported FeaturesThe following AS...
Hello I would like to ask if the latest file of VDB Update in FMC includes the previous ones? I have a couple of file to install Do I have to install them all?Or the latest one will suffice? Thanks and regards, Konstantinos
Resolved! ACL and dailer
Hello, I come back to you with a question that pop-up in my mind when I review the conf of my router and still confused me a lot. First let me illustrated the picture of my networkhots --> sw --> router (on the router I have a pppoe connection, using...
Resolved! Downgrading Fpr 1120
All, I have just received a Cisco FPR 1120 with FTD. The unit came with software version 6.5 installed. My company wants me to downgrade it to 6.4.0.4. Does anyone have any I instructions on how to downgrade this device. I have not touched a firewal...
I Have asa 5508 with firepower module. Trafik goes inside to outside, Pat is active, and when respond came back to firewall, firewall drops it. I added acl to outside interface in. It worked. Is ASA stateless or does firepower module block it ?
Resolved! FMC Realm configuration
Dear Community , My doubt is in regard to Realm configuration change, where i want to update AD password of the directory. When the password is updated1)Does it effect the existing AnyConnect VPN users by disconnecting the connections or the users wi...
Resolved! FTD management route not seen
Hello, I have a FTD 2130 with 6.7 firmware.On the FDM GUI, management interface is configured with a gateway address using mgmt interface. But when I connected this FTD via ssh, then by using > show route, I got nothing about the mgmt network.As a ...
Hi all, I have enabled security license on an ISR 4400 in evaluation mode. But there is no any data with TLS. Is TLS still available in evaluation mode? BTW, the isr is registered under our smart licensing portal. Thanks.
Hello All, We have a FTD 2100 HA pair managed trough FMC. According to Cisco documentation upgrading a HA pair trough FMC will go automaticly ( standby first, then active).Is there a possibility to upgrade this manualy? ( so first standby, manual fai...
Resolved! Cisco FTD HA License
Hello , i have a question about implement 2 Cisco FTD 2110 on HA fail over mode, my question about the license, in case i purchase the license in our case TMC for one device only and the standby device has only the base license, it is possible in thi...
Hello There I was wondering if somebody is able to explain me (or send the link) why I can't make my Firepower 2140 log Policies events to my Syslog Server. Ive defined a syslog destination under Platform settings and I also define under the Access C...
We are increasingly seeing requests where an employee is working with a client who wants them to connect with them using remote-access VPN to access resources relevant to their active projects. Are there any suggestions or best practice guidelines w...
USER with ip address 192.168.2.2 wants to reach the on-premise SDC server througth its public ip addreess 209.165.202.130 (this server is reacheable throught its private IP 192.168.1.3 but the user wants to reach the public ip from the LAN instead of...
