Cisco Firepower 1010 Configuration
Apr23

Cisco Firepower 1010 Configuration

KB ID 0001673 Background This page will be used as a central repository and ‘index’ for configuration on the Cisco Firepower 1010 series firewall. I intend to add to it as I test the capabilities and work out any problems whilst trialing/deploying and operating this platform. Config Documents VPN Firepower 1000 series running ASA Code. EZVPN Is not supported on this platform, it cannot be configured as an EZVPN client....

Read More
Cisco Firepower 1010 Licensing
Apr22

Cisco Firepower 1010 Licensing

KB ID 0001672 Problem So we have unboxed and setup our Firepower 1010 device, simply logging into the ASDM fires off warnings that it’s only running DES and I need to register the unit go get any decent level of encryption, (seriously why is 3DES still an ‘add on’ licence, who is still doing 56bit encryption!)  So let’s get is registered and licenced. Solution The ‘Licence Envelope’ in the box is...

Read More
macOS: ASDM Developer Cannot Be Verified
Apr10

macOS: ASDM Developer Cannot Be Verified

KB ID 0001667 Problem When trying to connect to a Firepower 1010 ASDM I was met with this; “Cisco ASDM-IDM.app” cannot be opened because the developer cannot be verified. macOS cannot verify that this ap is free from malware Solution If you’ve spent much time using macOS then this is quite common, Open System Preferences > Security and Privacy > General tab > You will see a warning about the Cisco ASDM-IDM...

Read More
Firepower 1010 Review
Apr10

Firepower 1010 Review

KB ID 0001666 What Is It? I’ve been trying to get my hands on one of these for a while. So thanks to my employer for sending me one to take a look at. The Firepower 1010 appliance is aimed at Small Office / Home Office, and possibly Small Remote Branch offices. But like its predecessors it will probably get put in EVERYWHERE because it’s ‘cheap’, (Note: for cheap, read possibly under-specced* and the wrong...

Read More
Cisco SFR Cant Ping its Default Gateway?
Jul25

Cisco SFR Cant Ping its Default Gateway?

KB ID 0001575 Problem This is a strange one? I was deploying FirePOWER to a pair of ASA 5550-8-X firewalls in Active / Standby failover last week. After each SFR was updated (via ASDM.) I could no longer ‘ping it’, the SFR itself could ping everything on the same VLAN, APART from its own default gateway, (which was an SVI on the Cisco 3750 switch it was connected to). This happened every time I updated the SFR, (or...

Read More
Cisco 5506-X / 5512-X SFR Unsupported
Feb26

Cisco 5506-X / 5512-X SFR Unsupported

KB ID 0001522 Problem After upgrading an ASA 5506-X to Version 9.10, I was about to re-image the FirePOWER SFR module. I went to load the boot image and this happened; sw-module module sfr recover configure image disk0:/asasfr-5500x-boot-6.3.0-3.img ^ ERROR: % Invalid input detected at ‘^’ marker. At first I thought “Oh great, the syntax has changed, there’s another post to update”. But no, the command is...

Read More