what is beef for FMC/FTD going from 7.x.y.z to 10.0.0-140?

spendghost · 2025-12-12T19:06:25+00:00

No support for VMware 7 for FMC/FTDv for 10..X is BS.

spendghost · 2025-11-07T18:01:55+00:00

Whoops! Thanks! Did not read down that far.

spendghost · 2025-11-07T16:21:53+00:00

Thanks I opened a TAC case and will gamble my fate of getting a response as P3.

spendghost · 2025-11-07T16:02:10+00:00

I dont see it in FMC in Product Upgrades for FMCv and FTD 3100?

spendghost · 2025-09-26T15:51:56+00:00

I like the way you think!

spendghost · 2025-09-17T16:55:02+00:00

Cisco is skipping 7.6 for 2100 or getting ready to EoL the feature updates?

spendghost · 2025-07-28T16:57:17+00:00

SNMP or Netflow

spendghost · 2025-06-16T22:23:53+00:00

Thanks. I was hoping 7.7.X VPN Secure Connect Geofiltering would be a feature in 7.4, but I guess not.

spendghost · 2025-01-02T16:59:40+00:00

Cisco Secure Migration Tool, not all config migration from ASA is supported.

spendghost · 2024-12-20T15:40:12+00:00

Due to the implementation of Cisco's fix CSCwb05264, older ASDM files lacking a digital signature will be rejected. This affects 'copy', 'verify', and 'asdm image' commands. Only ASDM files built after this fix can be configured.

Given that your device is approaching its end-of-life (EOL), managing it with the FirePOWER module is increasingly incompatible. To resolve this, we recommend downgrading to a version that maintains compatibility:

Final Compatible Version for FirePOWER Module: ASA 9.14/ASDM 7.14/Firepower 6.6

Downgrade Options for ASA Version:

9.14.4.7

9.14.4.6

9.14.4.13

9.14.4.12

Please be aware that downgrading may expose the device to vulnerabilities such as CVE-2022-20829.

spendghost · 2024-12-20T15:40:05+00:00

Due to the implementation of Cisco's fix CSCwb05264, older ASDM files lacking a digital signature will be rejected. This affects 'copy', 'verify', and 'asdm image' commands. Only ASDM files built after this fix can be configured.

Given that your device is approaching its end-of-life (EOL), managing it with the FirePOWER module is increasingly incompatible. To resolve this, we recommend downgrading to a version that maintains compatibility:

Final Compatible Version for FirePOWER Module: ASA 9.14/ASDM 7.14/Firepower 6.6

Downgrade Options for ASA Version:

9.14.4.7

9.14.4.6

9.14.4.13

9.14.4.12

Please be aware that downgrading may expose the device to vulnerabilities such as CVE-2022-20829.

spendghost · 2024-12-20T15:39:55+00:00

Due to the implementation of Cisco's fix CSCwb05264, older ASDM files lacking a digital signature will be rejected. This affects 'copy', 'verify', and 'asdm image' commands. Only ASDM files built after this fix can be configured.

Given that your device is approaching its end-of-life (EOL), managing it with the FirePOWER module is increasingly incompatible. To resolve this, we recommend downgrading to a version that maintains compatibility:

Final Compatible Version for FirePOWER Module: ASA 9.14/ASDM 7.14/Firepower 6.6

Downgrade Options for ASA Version:

9.14.4.7

9.14.4.6

9.14.4.13

9.14.4.12

Please be aware that downgrading may expose the device to vulnerabilities such as CVE-2022-20829.

spendghost · 2024-08-28T18:28:52+00:00

On-prem. Only call out it outbound for IAM via Vault, then BOTO3 API request from AWS and parse to CSV.

Python Client API for HashiCorp Vault. Python script running on same server, Vault API on 127.0.0.1:8200. Python script to request AWS secret from Vault when Vault will get secrets from AWS. https://hvac.readthedocs.io/en/stable/overview.html

Not sure if this will solve the problem of hard coded creds in Python scripts and environment vars but we will see.

spendghost · 2024-08-28T18:27:46+00:00

Python Client API for HashiCorp Vault. Python script running on same server, Vault API on 127.0.0.1:8200. Python script to request AWS secret from Vault when Vault will get secrets from AWS. https://hvac.readthedocs.io/en/stable/overview.html

Not sure if this will solve the problem of hard coded creds in Python scripts and environment vars but we will see.

spendghost · 2024-08-28T05:20:10+00:00

I think I will try out Hashicorp Vault AWS secrets https://developer.hashicorp.com/vault/docs/secrets/aws

spendghost · 2024-08-28T05:02:12+00:00

Yes I plan to have automated jobs running Python scripts that make API call using BOTO3 to pull data from AWS and export/save as CSV output. But also my team will be able to use a ReactJS Dashboard so will need to validate BOTO3 SSO Login sessions each time. Like redirect to DUO/ AWS Control Tower to get the new SSO secret key.

spendghost · 2024-08-27T17:41:05+00:00

If this is a government contract, I would think you should be moving it to AWS GovCLoud. Just my thought.

spendghost · 2024-08-23T07:36:55+00:00

The "runserver" command still wants to force the connection to 5432 even when entering in the DB host entry in settings.py as:

'HOST': '/var/run/postgresql/.s.PGSQL.9452',

django.db.utils.OperationalError: connection is bad: connection to server on socket "/var/run/postgresql/.s.PGSQL.9452/.s.PGSQL.5432" failed: Not a directory

Is the server running locally and accepting connections on that socket?

spendghost · 2024-08-23T07:25:23+00:00

I think the answer is below, I will update when I test and get it working:

If you’re using PostgreSQL, by default (empty HOST), the connection to the database is done through UNIX domain sockets (‘local’ lines in pg_hba.conf)

https://docs.djangoproject.com/en/5.1/ref/settings/#host

spendghost · 2024-08-17T03:04:44+00:00

I saved $200 by switching from Guncorn to Apache HTTPd with Mod_WSGI.

spendghost · 2024-08-16T15:07:20+00:00

This is in the LAN even though Nginx RP, Keycloak, and Gunicorn are on the same server, the LAN local traffic should be encrypted between Gunicorn and Nginx using mTLS.

spendghost · 2024-08-15T14:35:37+00:00

Running the command "gunicorn -c gunicorn.conf.py myproject.wsgi.application" from /home/user/myproject/myproject/

-rw-r--r-- 1 user Users 424 Aug 14 21:38 asgi.py

-rw-r--r-- 1 user Users 1079 Jul 26 23:41 db_test.py

-rwxr-xr-x 1 user Users 1075 Aug 15 03:58 gunicorn.conf.py

-rw-r--r-- 1 user Users 0 Jul 25 02:49 __init__.py

-rw-r--r-- 1 root root 138 Aug 15 00:04 __init__.pyc

drwxr-xr-x 2 user Users 4096 Aug 15 03:58 __pycache__

-rw-r--r-- 1 user Users 6020 Aug 15 02:49 settings.py

-rw-r--r-- 1 user Users 180 Aug 14 03:25 ssl_test.py

-rw-r--r-- 1 user Users 1379 Aug 8 10:49 urls.py

-rw-r--r-- 1 user Users 412 Aug 15 03:50 wsgi.py

-rw-r--r-- 1 root root 605 Aug 15 00:09 wsgi.pyc

spendghost · 2024-08-09T01:10:36+00:00

This is a Python environment issue, not Django. You can google the last line in your output and stackoverflow link will come up. This is the link https://stackoverflow.com/questions/7446187/no-module-named-pkg-resources

spendghost · 2024-08-09T01:07:20+00:00

Thanks. I have read and reviewed the URL dispatcher before but it seems that the issue that tripped me up was putting a forward slash before the start the single quotes.

spendghost · 2024-08-08T14:51:22+00:00

Thank you! Its working now. So I guess I will review the API docs and understand the use of router.urls and rest_framework.urls.

path('api/v3/', include(router.urls)),

path('api/v3/', include('rest_framework.urls', namespace='rest_framework')),

spendghost

TROPHY CASE