In this post we are going to see how we can use the Firepower geolocation feature in the access control policy. The Firepower geolocation comes in handy if you want to block the traffic from or to one or more countries, or even one or more continents. The FMC has…
When it comes to security, the word blacklist is always tied to something bad. However, this is not the case when we deal with health policies in Cisco FMC. FMC offers a nice feature called health monitor blacklist. This feature allows us to suppress the health alerts related to one…
In this post I am going to show you how to shutdown Cisco FMC. I know it might seem basic, but some of us might not came across this task before. That would be the case if you are not a 100% focus on the FMC on a day to…
In this post I am going to share with you how an FMC can register an FTD that was already registered with another FMC. In my lab I had two FMCs, and one FTD. The FTD was already registered with an FMC, and it had another FMC registration in pending…
In this post I am going to show you how to delete the pending manager in FTD. The reason why we would have a pending manager in the first place would be right after we register a manager (FMC) in the FTD, but before we add that FTD to the…
In this post we will talk about the FTD Get Device Configuration and Push Device Configurations. These two options are available in FMC to allow replicating the configuration from one FTD appliance to another. The FTD Get Device Configuration allows us to replicate the configuration from a device to the…
When we configure a site to site VPN in FMC, on the IKE tab, we see an authentication type option to use a Preshared Automatic Key. In this post we will see what that option does for us. FMC as you know can manage multiple FTD appliances. The appliances that…
In this post we will see how to configure DHCP Relay Agent on FTD through FMC. DHCP Relay Agent would be required when our DHCP server is not located in the same broadcast domain as the DHCP clients. For instance, we might have a centralized DHCP server located in a…
This post will show you how to configure AnyConnect SSL VPN in FMC. However, it will show you a slightly different configuration comparing to the common one we mostly use. In this lab we will have a DHCP server inside our network, and that DHCP server will assign the AnyConnect…
As Cisco was suggesting, the Firepower User Agent for Active Directory as an identity source for FMC was going to be removed in the future releases. In fact, as of FMC version 6.6.0 the Firepower User Agent is gone. The only option left is integrating FMC with ISE using pxGrid.…
