Needed to set up policy based routing (PBR) on FTD with failover capabilities and could not find any complete reference, only bits and pieces. Some of the Cisco docs were even misleading, so it took a while to get it to work. Setup: 2 ISPs, primary to be used by Production …
Tag: FTD
Found a way to add a new line to the ACP ACL from the CLI.
/home/admin# cd /usr/local/sf/
/usr/local/sf/bin# LinaConfigTool "access-list CSM_FW_ACL_ line 1 advanced trust tcp ifc inside any eq 8305 ifc outside any"
View the new config.
FTD# sh run | i 8305
access-list CSM_FW_ACL_ advanced trust tcp ifc inside any eq …
This one had me puzzled for a few days. Dynamic VTI at the hub and VTI at the spoke. All tunnels came up and pings are working, but the BGP session is not establishing. I used the setup instructions from this YouTube video. Packet capture shows BGP packets arriving at the hub but …
Reference doc on Cisco website. Migrate legacy Firepower licenses to the new FMC MAC address on the license portal and download the new licenses. Back up the primary and standby FMC. SSH to the FMC and move the backup file from /var/sf/backup/ to /var/common/. Go to https://<FMC>/ddd/#ATFileDownload;deviceId=0 on primary and standby and enter the backup filename to …
Error when applying changes from FMC to FTD: "Deployment failed due to a show command running parallel on Firewall Threat Defense. Let it finish or cancel it, before deploying the policy again. If deployment fails again, contact Cisco TAC." Try the following from sudo on the FTD and redeploy the changes: pmtool restartbyid …