The Net-Brainer

The Net-Brainer (http://forums.netbraintech.com/index.php)
-   NetBrain Product (http://forums.netbraintech.com/forumdisplay.php?f=19)
-   -   Cisco NGFW (http://forums.netbraintech.com/showthread.php?t=21628)

franciscoe 06-16-2017 10:11 AM

Cisco NGFW
 
Has anyone tried to add any of the CISCO NGFW to Netbrain? I can't find any support. We currently have the FMC (Firepower Management Console) and 4 FP4120 (Firepower). We are upgrading all of our ASA to FTDs or FP.

NetBrainTAC 06-18-2017 09:55 PM

Re: Cisco NGFW
 
Hi,

Currently, we don't support it and our team is working on it, I will provide the new driver to you once it's ready.

Glenn 04-05-2018 04:45 PM

Re: Cisco NGFW
 
Any updates on a driver for the Cisco Firepower devices?
I have two 2140's in a HA pair that need the NetBrain driver.

rahul.chaudhary 04-12-2018 07:51 PM

Re: Cisco NGFW
 
For FMC/FTD 2100 series.
Try with FMC --> Device--> device management --> Firewall--> SNMP V2c
Community string should be simple word i.e netbrian (Don't use any special characters).

For FTD 4100 Series
Try with firepower chassis manager (management IP) --> platform setting--> SNMP
Community string should be simple word i.e netbrian (Don't use any special characters).

JohnSmith 04-12-2018 10:40 PM

Re: Cisco NGFW
 
The login script for different firepowers are different.
You may modify the built-in Cisco ASA driver as a try.
If you don't know where to modify the driver, go to online help and search.

lheavrin 10-29-2018 09:29 AM

Re: Cisco NGFW
 
We worked with NetBrain support to get a driver for our Cisco Firepower 4110s and 9300s; however, we run transparent cluster and there's a bug where you can't SSH to a BVI on the 9300s and it wont be fixed until 6.2.3.7 release in late November. I got the 4110s working though in routed mode.

I had to tweak the login settings and just trial and error to see what worked.

Baykahn 12-14-2018 09:55 AM

Re: Cisco NGFW
 
I can see the configs in netbrain now but it does not interpret the ACL or fw rules properly if at all. I do a path and it treats the path like a router and says all good. Obviously we want netbrain to tell us the packets will be allowed or dropped and that does not seem to be happening.
Also noted on the ASAs, if the host belongs to a group then the group id is referenced it does seem to ignore it being in a rule. When the rules uses an ip it seems to work.

NetBrainTAC 12-24-2018 08:47 PM

Re: Cisco NGFW
 
Quote:

Originally Posted by Baykahn (Post 24455)
I can see the configs in netbrain now but it does not interpret the ACL or fw rules properly if at all. I do a path and it treats the path like a router and says all good. Obviously we want netbrain to tell us the packets will be allowed or dropped and that does not seem to be happening.
Also noted on the ASAs, if the host belongs to a group then the group id is referenced it does seem to ignore it being in a rule. When the rules uses an ip it seems to work.

Hi,

May I know which version are you running now? IEv7.1 or EEv6.2?
NetBrain should be able to support the host belongs to a group, could you please find this path and send us the map file for further analysis and evaluate if we could provide a patch to support it? Please kindly send this map file to support@netbraintech.com, thank you.

sthomason 04-05-2019 08:14 AM

Re: Cisco NGFW
 
I am having a similar. We have 5500x models and currently it now maps correctly but you only get the interface configuration from SNMP. All the connections test as successful.


All times are GMT -4. The time now is 01:51 AM.

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright 2009 NetBrain, Inc. All rights reserved.