Jump to content
root0

FirePOWER Management Center Collection

Recommended Posts

Cisco FirePOWER Management Center Collection

 

Change Log

new builds added:

 

Cisco_Firepower_Mgmt_Center_Patch-6.4.0.7-53.sh.REL.tar

Cisco_Firepower_Mgmt_Center_Patch-6.5.0.2-57.sh.REL.tar

Cisco_Firepower_GEODB_Update-2019-12-17-001.sh.REL.tar

Cisco_Firepower_SRU-2019-12-18-001-vrt.sh.REL.tar

and more...

 

Hidden Content

    Give reaction to this post to see the hidden content.

  • Like 21
  • Thanks 7
  • Haha 1

Share this post


Link to post
Share on other sites

Sorry to say Telegram requires a mobile number. I don't use one, so the links are no good to me. But thanks anyway, I'll find the files elsewhere.

Share this post


Link to post
Share on other sites

you can see via Web without Telegram client

 

Hidden Content

    Give reaction to this post to see the hidden content.

Edited by root0
  • Like 15
  • Thanks 10
  • Haha 1

Share this post


Link to post
Share on other sites

Cisco FirePOWER Management Center Collection

 

Change Log

new builds added:

 

Cisco_Firepower_Mgmt_Center_Patch-6.4.0.8-28.sh.REL.tar

Cisco_Firepower_Mgmt_Center_Patch-6.5.0.3-30.sh.REL.tar

Cisco_Firepower_GEODB_Update-2020-01-27-002.sh.REL.tar

Cisco_Firepower_SRU-2020-01-30-002-vrt.sh.REL.tar

and more...

 

Hidden Content

    Give reaction to this post to see the hidden content.

  • Like 11
  • Thanks 3

Share this post


Link to post
Share on other sites

Cisco FirePOWER Management Center Collection RENEWED

 

Change Log

new builds added:

 

+Cisco_Firepower_Mgmt_Center_Upgrade-6.5.0-123.sh.REL.tar

+Cisco_Firepower_Mgmt_Center_Virtual_KVM-6.5.0-123.qcow2

+Cisco_Firepower_Mgmt_Center_Virtual_VMware-6.5.0-123.tar.gz

+Cisco_Firepower_Mgmt_Center_Virtual300_VMware-6.5.0-123.tar.gz

and more...

 

builds removed:

 

-Cisco_Firepower_Mgmt_Center_Patch-6.5.0.3-30.sh.REL.tar

-Cisco_Firepower_Mgmt_Center_Upgrade-6.5.0-115.sh.REL.tar

-Cisco_Firepower_Mgmt_Center_Upgrade-6.5.0-120.sh.REL.tar

-Cisco_Firepower_Mgmt_Center_Virtual_KVM-6.5.0-115.qcow2

-Cisco_Firepower_Mgmt_Center_Virtual_VMware-6.5.0-115.tar.gz

 

Hidden Content

    Give reaction to this post to see the hidden content.

Edited by root0
  • Like 26
  • Thanks 9
  • Haha 1

Share this post


Link to post
Share on other sites

The t.me/s/cisco_collection magnets are down ;/ Can any1 upload to a google repository for direct download ?

Share this post


Link to post
Share on other sites
On 10/1/2019 at 4:24 PM, SmilerNet said:

 

Were you able to enable the " Export-controlled features" in 6.5?

 

Was this a fresh install or upgrade?

 

I've editted the appropriate file & done a full reboot but export features still remain disabled; I need this enabled for VPN functionality.

 

UPDATE: I missed a config file & export feature are now enabled.

Got around to testing 6.6 yet ? there seems to be a new "Carrier license. 

Share this post


Link to post
Share on other sites
Posted (edited)

Has anyone figured out 6.6 anyconnect or export control options, when i attempt previous configuration i get invalid password trying to get into mysql.  😞

 

[email protected]:/Volume/home/admin# mysql -uroot -padmin sfsnort
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

Edited by planetcoop
  • Like 3

Share this post


Link to post
Share on other sites
Posted (edited)
i tired the below, the Telegram, say file is too large, they only allow 500MB , how can you download invididual file?
 

+Cisco_Firepower_Mgmt_Center_Upgrade-6.6.0-90.sh.REL.tar
+Cisco_Firepower_Mgmt_Center_Virtual_KVM-6.6.0-90.qcow2
+Cisco_Firepower_Mgmt_Center_Virtual_VMware-6.6.0-90.tar.gz
+Cisco_Firepower_Mgmt_Center_Virtual300_VMware-6.6.0-90.tar.gz
and more...
 

Hidden Content

    Give reaction to this post to see the hidden content.
Edited by 7Core
hide tag added
  • Like 9
  • Thanks 1

Share this post


Link to post
Share on other sites
On 4/29/2020 at 2:02 PM, planetcoop said:

Has anyone figured out 6.6 anyconnect or export control options, when i attempt previous configuration i get invalid password trying to get into mysql.  😞

 

[email protected]:/Volume/home/admin# mysql -uroot -padmin sfsnort
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

My exact issue

Share this post


Link to post
Share on other sites
On 6/22/2017 at 12:59 PM, muhfugen said:

Unlimited evaluation

Hidden Content
  • - SSH in to your Firepower Management Center

     

    - Run "sudo su" to become root

    - Edit /etc/sf/.health_monitor.data and change the DEMOSTART variables value to 4294967295

    - Run "pmtool restartbyid sla" to restart the licensing daemon

 

 

Add Remote Access VPN and Advanced licenses to an evaluation

The Advanced licenses are currently not used for anything, but will be in future versions according to line 161 in the /var/sf/lib/perl/5.10.1/SF/SmartAgentManager.pm file.

 

You likely dont need to enable all 3 Remote Access VPN license types, unless you have a specific use case for doing so. And VPNOnly licenses can not be assigned to a device when either APEX or PLUS licenses are assigned, although APEX and PLUS can be assigned to the same device. The APEX licenses support the most features and what most people will likely want to have installed. For more information on Remote Access VPN license types see

Hidden Content

    Give reaction to this post to see the hidden content.

Hidden Content
  • - SSH in to your Firepower Management Center

     

    - Run "mysql -uroot -padmin sfsnort" to enter the MySQL console

     

    - Choose the type of license you want to install. Valid values are APEX, PLUS, VPNOnly or ADVANCED. You will need to replace PRODUCT_TYPE in the following instructions with one of these values.

    - Do not enable the ADVANCED licenses yet as they don't do anything yet and will cause your Licensing page to display an error. If you do enable these licenses by accident you can remove them with "delete from smart_licenses where license = 'ADVANCED'; " and "delete from license_caps where capability = 'ADVANCED'; ".

     

    - Run "select * from smart_licenses; " to display the current licenses installed

    - You'll want to copy the UUID of your Firepower Threat Defense device, it will be the one with the BASE, MALWARE, THREAT and URLFilter licenses.

    - Run "insert into smart_licenses values ('UUID', 'PRODUCT_TYPE', 1, 1, ACTIVE, 1498101252); " while replacing UUID in this command with the UUID you copied in the previous step, PRODUCT_TYPE with either APEX, PLUS, VPNOnly or ADVANCED, and ACTIVE with a 1 if the device is a stand alone device or a 0 if it is in a high availability pair.

    - If you have multiple devices you will need to perform these steps for each device UUID.

    - If you have devices in a high availability pair and want to use APEX, PLUS or VPNOnly license you will also need to repeat these steps to install licenses for APEX_HA, PLUS_HA or VPNOnly_HA product types respectively for this table only. When installing the "_HA" licenses ACTIVE should always be 1.

     

    - Run "select * from license_caps; " to display the license capabilities

    - You'll want to copy the UUIDs of the mgr_uuid and mgd_uuid columns of your Firepower Threat Defense device.

    - Run "insert into license_caps values ('MGR_UUID', 'MGD_UUID', 'PRODUCT_TYPE', 1498101252, 1, 1, 1); " while replacing the MGR_UUID and MGD_UUID in this command with the UUIDs you copied in the previous step, and PRODUCT_TYPE with APEX, PLUS, VPNOnly or ADVANCED.

    - If you have multiple devices you will need to perform these steps for each device UUID.

     

    - Run "exit" to leave the MySQL console

    - Run "sudo pmtool restartbyid sla" to restart the licensing daemon.

 

 

Enable Export Controlled features in a evaluation

Remote Access VPN policies and the SSL features in Platform Settings policies require export controlled features be enabled.

Hidden Content
  • Please note that these line numbers may change in between versions. They are for Firepower Management Center 6.2.3.4. And if you search around these files in different versions, just look for lines with the value of 'export_control' and change any values of 0 to 1. And change the isExportCompliant function to return 1 in SmartAgentManager.pm file. These changes will also be reverted when you update your Firepower Management Center, so you'll need to reapply them after every update. A update probably will not effect the policies applied to the device, but just be aware of the potential for downtime if you enable automatic updates.

     

     

    - SSH in to your Firepower Management Center

    - Run "sudo su" to become root

     

    - Edit /var/sf/lib/perl/5.10.1/SF/License/SmartLicense.pm

    - On line 93 change "'export_control' => 0, " to "'export_control' => 1, "

     

    - Edit /var/sf/lib/perl/5.10.1/SF/SmartAgentManager.pm

    - On line 1041 change "$config->{'export_control'} = 0; " to "$config->{'export_control'} = 1; "

    - On line 1084 change "return $rval; " to "return 1; "

    - On line 1470 change "$status->{'export_control'} = $export_control; " to "$status->{'export_control'} = 1; "

     

    - Run "pmtool restartbyid mojo_server" for the changes to take effect This doesn't seem to work in 6.2.3

    - Reboot the FMC for the changes to take effect.

 

 

Fix bug CSCve97160, support SMB/CIFS version 2 & 3 and support use of Microsoft Scale Out File Server as a remote storage device

The FMC does not support the use of versions 2 and 3 of the SMB/CIFS protocol. A feature request has been submitted under bug CSCve97160 (

Hidden Content

    Give reaction to this post to see the hidden content.
). Microsoft Scale Out File Server (SOFS) requires the use of at least version 2 of the SMB/CIFS protocol. You should be able to manually specify a higher version of the protocol in System->Configuration->Remote Storage Device->Command Line Options but due improper input validation code it will not allow this. Because a multi-billion dollar company is too lazy to spend 5 minutes fixing their flagship firewall I guess some random guy on a forum has to it for them.

Hidden Content
  • As with the Enable Export Controlled features in an evaluation, you will need to reapply this after every update.

     

     

    - SSH in to your Firepower Management Center

    - Run "sudo su" to become root

    - Edit /var/sf/lib/perl/5.10.1/SF/Types.pm

    - On line 3061 change "return 1 if ( $value =~ /^[-=,\s\w]+$/); " to "return 1 if ( $value =~ /^[-=,\.\s\w]+$/); "

    - Reboot the Firepower Management Center for the changes to take effect.

     

    - Navigate to System->Configuration->Remote Storage Device in the Firepower Management Center

    - In Command Line Options enter "vers=2.0 " or "vers=3.0 " to force the connection to use versions 2 or 3 of the SMB/CIFS protocol respectively.

 

 

 

Hidden Content

    Give reaction to this post to see the hidden content.

 

Edit 08-29-17

- Updated evaluation period to ~88 years.

- Simplified instructions.

- Added support for high availability devices.

- Fixed a problem when inserting rows in to the license_caps table, the value for last_changed column was accidentally omitted in the previous instructions. To fix this problem, in the MySQL console run "delete from license_caps where last_changed = 1; " and then perform the updated instructions above.

- Discovered that export controlled features not only effect Remote Access VPNs but also the SSL settings in a Platform Settings policy.

 

Edit 09-09-17

- Verified crack supports of the use of Remote Access VPN licenses.

- Updated file paths to remove version dependencies.

- Fixed bug CSCve97160, enabled use of SMB/CIFS protocol versions 2 and 3 and added support for Microsoft Scale Out File Server as a remote storage device because a multi-billion dollar company is too lazy to do so and some random guy on a forum has to do it for them.

 

Edit 11-22-17

- Figured out what daemon needed to be restarted to enable export control features, so you dont have to reboot the FMC.

 

Edit 08-27-18

- Updated line numbers to enable export controlled features and fixing bug CSCve97160 for FMC 6.2.3. Using pmtool to restart mojo_server doesnt seem to cause these changes to take effect in 6.2.3.4, reverted instructions to instruct you to reboot the FMC instead since i'm not really motivated enough right now to figure out what else needs to be restarted.

Even though I removed and re-added devices from licenses, "Protection" still isnt there and control.  Running 6.5

  • Like 11
  • Thanks 3

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...