Hey there LookingPoint faithful’s! I hope you are all doing well and continuing to stay safe. Today I wanted to drop a quick how to on how to Whitelist IP addresses in Cisco’s FMC. So, without further of do, lets get to work!
1. Log in to FMC and navigate to the “Analysis” tab Connections/Events.
- This will show you a list of IP’s and URL’s that FMC, is seeing.
2. Next, right click on any IP address you want to either Whitelist or Blacklist. This will bring up a dropdown menu that should show you an option to Whitelist or Blacklist the IP. It will then ask you to confirm.
3. You can verify the added Whitelist IP by going to the Objects tab > Object Management > Security Intelligence (On left side pane) > Network Lists and Feed > Global-Whitelist > edit (pencil icon).
(Please see screenshot below)
- You can either double click on “Global-Whitelist” or click the edit pencil on the far right to view the list of Whitelisted IP’s.
A second way to do this is the following:1. Create a Text file listing all the IP addresses you would like to White/Blacklist and Save locally to your PC.
2. Log into FMC and go to Objects > Object Management > Security Intelligence > Network Lists and Feed > click Add Network Lists and Feeds on the top right of the screen.
- Here you can create a name for the list of IP’s you made.
- In the second dropdown menu, choose the option “List”.
- Now, click “Browse” and search for the list you created on your local PC.
- Click “Upload” and Save.
3. Now, go to the Policies tab on top of the page> Access Control > Click on your Access Control Policy.
- After clicking on your Access Control Policy, click on the Security Intelligence tab on the upper left.
- Under the “Available Objects” list on the far left, search for the name of the list you created. It should now come up as an item on the list.
- Click the name of the list you created and in the middle of the page, you will see two options like below:
- Finally, click Save. You can now deploy your changes to the FTD’s.
Not too bad right? Like I said, short and simple. If you have any further questions, please feel free to reach out to us at firstname.lastname@example.org, we would be more than happy to assist you.
Will Panameno, Network Engineer