Activity in Security
Two Mac addresses from the FTD 2110 MGMT interface
Hello, I deployed a new FTD 2110 on our company network and I'm seeing two different mac addresses on the switch port that the MGMT interface is connected to. I know that the one mac address is associated with the actual MGMT interface, but can anyon...
FTD and FMC backup creating a sf-storage folder
Hello, Does anyone know why the FMC/FTD would create an sf-storage folder on a Linux Server? When I configured the remote storage I tried to point it so that the backups are stored into a certain directory, however it created a separate folder within...
ASA5516 Recommended software version
I am configuring ASA5516 from scratch and trying to find out the current recommended versions.Could you please advise?Curretly:ASA Software Version: 9.8(2)Firepower Extensible Operating System Version: 2.2(2.52)Device Manager Version: 7.9(2)152
Cisco FPR 7.2.5 ACP filter user per AD/LDAP users
Hello , I have cisco FPR 7.2.5 managed by FMC. i want to make ACP rule and filter group user from AD/LDAP. For example one group from AD have FULL internet access other is Limited Internet access. Can i make it without ISE, ISE-PIC. It is enough onl...
Installing Secure Client (5.x) AND Any Connect (4.x) on 1 computer
I have a weird situation I need to connect to two sepaate VPN (not at the same time).One of these requires Cisco Secure Client 5.x the second works with Any Connect 4.x.I have Cisco Secure Client 5.x installed, if i try connecting to the VPN that use...
Monitoring on-premises Cisco devices on Azure
Has anyone tried to setup the Azure monitoring agent to on-premises Cisco devices so that they can be monitored on Azure? Please kindly let me know the procedure/necessary configuration if anyone has done this successfully.
AnyConnect Speed Issues
Hello,FTD's 2110 at 7.3.1.1.I have two datacenters running that code on 2110s. They have the same configuration for the most part and the same size fiber internet 500 Mbps circuit. Coming in on VPN1, running a speed test from my home connection is ab...
Setting UP a SECOND ASA5506-x firewall
Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It ment...
Problems with SNMP on the ASA 5555-X
Hello everyone,I have a CISCO ASA 5555-X configured in multi-context mode and I want to monitor it via SNMP.However, I can't find the MIB files for this device.How can I get them?I don't have access to ftp://ftp.cisco.com/pub/mibs/supportlists/asa/as...
Renewall of Admin Certificate
I have to renew the admin certificate in a pair of ISE nodes (Prim / Sec) on Version 3.2.0.542 Patch 4. Currently both devices have the same admin cert that expires in little over 3 weeks. All the names and IPs in this thread are placeholders. I gene...
Recommended logs that should be sent to IBM QRADAR SIEM from ESA
Any thoughts on recommended logs that should be sent to QRADAR SIEM ? what subscriptions should be configured ?
Resolved! FMC 7.2.5.1: Smart Agent is not registered with Smart Licensing Cloud
Hello everybody,the customer has the FMC rel. 7.2.5.1 and the Health Monitor shows the error messageSmart License MonitorSmart Agent is not registered with Smart Licensing CloudSmart License usage is out of compliancethis time for itself (see attache...
SSM ON-Prem TACACS+ and Clearpass
Hi,I am trying to configure TACACS+ on our SSM On-Prem server so that I am able to login on the Webinterface with my AD user. The TACACS+ configuration is done in Clearpass. And the test in the configuration window on the SSM server was successful.Bu...
How to Manage MAC Address Randomization in Dual SSID BYOD ISE 3.3?
Context: I am currently testing a BYOD setup involving dual SSIDs using Cisco ISE 3.3 for mobile devices. The configuration process begins with an open SSID, followed by a secure SSID connection via TLS once the profile and certificate are retrieved ...
IPSec VPN Tunnel Lan-to-Lan decrypt count zero
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
| User | Helpful Count |
|---|---|
| 45 | |
| 43 | |
| 33 | |
| 23 | |
| 22 |
