Currently on a Cisco ASA, we use RADIUS authentication for WEBVPN users. For the logs on the RADIUS server we are not receiving the originating public IP of the users failed/successful attempts, rather we are getting OUR public IP of the gateway for ...
Forum Posts
Hi Folks, I'm having some issues I have an outside network 10.246.133.192/26 and inside host in network 10.244.17.99. The traffic between them is hitting for the temporary full access rule and doesnt hit the specific rule i've already applied. I'm at...
Hello I configured Threat detection on my FTD firewall over the weekend. Can someone please explain what the disabled section of this command means? https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-defense/222383-configure...
I've enabled the following command "threat-detection service remote-access-authentication ... " on our Cisco ASA 5508X and it feels like it's only shun a maximum of 125 IPs. Is this possible? Does the ASA have a limit in number of IPs it can simultan...
we are going to migrate the asa to ftd fmc so in the migration documents mention trustpoint certificate as per-requisites.so my querry is where can i find this certificates and how to export/migrate this from asa to ftd fmc.
Like the title says, I am looking to setup a connection to an endpoint, but, with connectivity via 2 x IKEv2 tunnels (I've only even done single tunnels). It appears to me that if we set them up in paralell, we would run into all sorts of NAT issues ...
hi need some help with configuration of this firewall i already use the basic configuration and it doesn't let anything pass through . the network in the top is the outside and the one on the bottom should be the outside. I don't know if I have to ch...
Dear All My Friend, i have ASA5516 with firepower services and Virtual Firesight Management (2 license VM). if i order SmartNet (CON-SNT), this is included for Software Upgrade Firesight ? if not, what is main SKU we must order to extend Software Up...
Hello, We cannot access ASA mode on new equipment received from Cisco (RMA) Here's what we have: firepower# connectftd Connect to FTD Application CLI asa mode does not appear firepower# sh versionVersion: 2.12(0.519)Startup-Vers: 2.12(0.519) Here ...
Firepower 1010 doesn't forward data over port 1/5 after successful upgrade from 7.2.5 to 7.2.6. It does see MAC address of a directly connected router but can't PING it. It can PING its own IP address on the port 1/5 though. It seems it can only IP c...
Resolved! Cisco Firepower Logging
Hello Guys,I have a question related to logging on Firepower. We have two option to configure it, first via Platform Setting, second via tab in Access Control Policy (this tab is near Security Intelligence, HTTP Response etc.) Question is: What is di...
I was looking thru FMC connection event log and found an odd entry. There is a traffic flow from outside to inside that looks normal except for random times when the interfaces are flipped? Does this mean anything or is it just a cosmetic bug? Note...
Hello,I have a major problem with our Firepower infrastructure comprised of an FMC (7.6) and 2 FTD's in HA. No matter what, after I create an initial policy and apply it to the FTDs, when modifying a rule, say from Allow to Block, and fdeploy, the co...
I am getting ready to perform a migration for my vFMC. Currently, our FMC is licensed for 2 devices. We are currently adding a third firewall so we need to create a new vFMC with the new license. According to our rep we can't just add the new license...
Hi Team,I'm looking for a Cisco recommended design for deploying & integrating FTDv FW pair with AWS Transit Gateway. Design Considerations -The 2 firewalls need to be deployed in a separate AWS VPC with 2 availability zones. And traffic failover sho...
