Cisco Firepower 1010 Licensing
KB ID 0001672 Problem So we have unboxed and setup our Firepower 1010 device, simply logging into the ASDM fires off warnings that it’s only running DES and I need to register the unit go get any decent level of encryption, (seriously why is 3DES still an ‘add on’ licence, who is still doing 56bit encryption!) So let’s get is registered and licenced. Solution The ‘Licence Envelope’ in the box is...
macOS: ASDM Developer Cannot Be Verified
KB ID 0001667 Problem When trying to connect to a Firepower 1010 ASDM I was met with this; “Cisco ASDM-IDM.app” cannot be opened because the developer cannot be verified. macOS cannot verify that this ap is free from malware Solution If you’ve spent much time using macOS then this is quite common, Open System Preferences > Security and Privacy > General tab > You will see a warning about the Cisco ASDM-IDM...
Firepower 1010 Review
KB ID 0001666 What Is It? I’ve been trying to get my hands on one of these for a while. So thanks to my employer for sending me one to take a look at. The Firepower 1010 appliance is aimed at Small Office / Home Office, and possibly Small Remote Branch offices. But like its predecessors it will probably get put in EVERYWHERE because it’s ‘cheap’, (Note: for cheap, read possibly under-specced* and the wrong...
Cisco SFR Cant Ping its Default Gateway?
KB ID 0001575 Problem This is a strange one? I was deploying FirePOWER to a pair of ASA 5550-8-X firewalls in Active / Standby failover last week. After each SFR was updated (via ASDM.) I could no longer ‘ping it’, the SFR itself could ping everything on the same VLAN, APART from its own default gateway, (which was an SVI on the Cisco 3750 switch it was connected to). This happened every time I updated the SFR, (or...
Cisco 5506-X / 5512-X SFR Unsupported
KB ID 0001522 Problem After upgrading an ASA 5506-X to Version 9.10, I was about to re-image the FirePOWER SFR module. I went to load the boot image and this happened; sw-module module sfr recover configure image disk0:/asasfr-5500x-boot-6.3.0-3.img ^ ERROR: % Invalid input detected at ‘^’ marker. At first I thought “Oh great, the syntax has changed, there’s another post to update”. But no, the command is...
Cisco ASA: Remove FTD and Return to ASA and ASDM
Remove FTD KB ID 0001496 Problem A few weeks ago I posted an article about re-image your Cisco ASA to FTD (FirePOWER Threat Defence). Now you may find the the FTD is not as ‘Feature rich’ as your old firewall, or that there’s a ‘Lack of feature parity’, which are two polite ways of saying that it’s crap, (sorry it’s just awful, as usual Cisco should’ve spent a LOT longer developing this...