Sending traffic to SFR module – Cisco ASA 5506-X with FirePOWER services

By default, even if the box is fully functional and correctly installed, traffic is not passed to the FirePOWER instance. We have to configure that ourselves.

To accomplish this, we create an ACL for the traffic we would like to pass to the FirePOWER instance.

access-list ACL_SFR extended permit ip any any

Afterwards we will create a class-map that matches all the traffic from the ACL "ACL_SFR". We will name it "TO-SFR" and it should look like this.
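To check from a saved running-config that redirection to the module is really in place, the following added example (not code from the post) parses the config and reports each `sfr` action. The sample config is constructed; its `policy-map`, `sfr fail-open` and `service-policy` lines are standard ASA Modular Policy Framework commands assumed here, since the post itself only shows the ACL and names the class-map.

```python
import re

# Constructed sample running-config; only the access-list line appears in the post.
SAMPLE = """\
access-list ACL_SFR extended permit ip any any
class-map TO-SFR
 match access-list ACL_SFR
policy-map global_policy
 class inspection_default
  inspect dns
 class TO-SFR
  sfr fail-open
service-policy global_policy global
"""

def sfr_redirects(config):
    """Return one dict per 'sfr' action found inside a policy-map."""
    acls = set(re.findall(r"^access-list (\S+) ", config, re.M))
    applied = set(re.findall(r"^service-policy (\S+) ", config, re.M))
    class_acl, found = {}, []
    cmap = pmap = pclass = None
    for line in config.splitlines():
        words = line.split()
        if not words:
            continue
        if not line.startswith(" "):      # unindented line: new top-level command
            cmap = pmap = pclass = None
            if words[0] == "class-map":
                cmap = words[-1]
            elif words[0] == "policy-map":
                pmap = words[-1]
        elif cmap and words[:2] == ["match", "access-list"]:
            class_acl[cmap] = words[2]
        elif pmap and words[0] == "class":
            pclass = words[1]
        elif pmap and pclass and words[0] == "sfr":
            # fail-open passes traffic uninspected if the module is down; fail-close drops it
            found.append({"policy": pmap, "class": pclass, "mode": words[1],
                          "monitor_only": "monitor-only" in words})
    for f in found:                       # resolve references once everything is parsed
        f["acl"] = class_acl.get(f["class"])
        f["applied"] = f["policy"] in applied
        f["acl_defined"] = f["acl"] in acls
    return found

def traffic_reaches_sfr(config):
    """True if an applied policy sends an ACL-matched class to the module."""
    return any(f["applied"] and f["acl_defined"] for f in sfr_redirects(config))
```

A result with `monitor_only` set means the module only receives a copy of the traffic and cannot block it.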


Cisco ASA 5506-X with FirePOWER services in inline mode

Hello everyone. Yes, it is 2020 and I am still speaking about ASA…

On one side I recently bought myself an ASA-5506-X with FirePOWER services, to extend my lab, to see how it works, and to do some experiments I cannot do in a customer environment :). On the other side I also recently bought a Firepower 1010 to see the evolution Cisco made from ASA to ASA with FirePOWER and finally Firepower. We also have to assume that there are still a lot of ASA firewalls out there and that they will remain for a while before replacement.

At first sight, we may not find any difference between the wording Firepower and FirePOWER. But there is one… a significant one.

When Cisco uses the word FirePOWER, they are talking about ASA devices with a Firepower image running on top as a module.

In contrast, when Cisco speaks about Firepower, they mean the Firepower Threat Defense device.

While reading this post, keep in mind that it is NOT a configuration guide. This text has been written simply to describe the functionality, architecture and design without going too deep into detail.
