350-701 · Question #363
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address Error! Hyperlink reference not valid. IP>/capure/C
The correct answer is D. Enable the HTTPS server for the device platform policy. To resolve a "403: Forbidden" error when exporting packet captures from Cisco FMC, the engineer must enable the HTTPS server within the device platform policy on the Cisco FTD.
Question
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address Error! Hyperlink reference not valid. IP>/capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?
Options
- ADisable the proxy setting on the browser
- BDisable the HTTPS server and use HTTP instead
- CUse the Cisco FTD IP address as the proxy server setting on the browser
- DEnable the HTTPS server for the device platform policy
How the community answered
(33 responses)- A9% (3)
- B21% (7)
- C3% (1)
- D67% (22)
Why each option
To resolve a "403: Forbidden" error when exporting packet captures from Cisco FMC, the engineer must enable the HTTPS server within the device platform policy on the Cisco FTD.
A browser proxy setting is unlikely to cause a 403 Forbidden error directly from the server for an FMC/FTD interaction, as the primary cause here is server-side.
Disabling HTTPS would downgrade security and is generally not a recommended solution; the issue is that secure access is currently *forbidden*, not that HTTP is preferred.
Using the FTD IP as a proxy is an incorrect approach; the FTD is the source of the PCAP, not a proxy server for the browser in this context.
The error "403: Forbidden" often indicates that the server is configured to deny access or that the required service is not running or enabled. For secure access and export of PCAP files from the FTD via the FMC, the HTTPS server must be explicitly enabled in the device platform policy applied to the FTD device to ensure the necessary secure communication channel is open for file transfer.
Concept tested: Cisco FTD Packet Capture Export Configuration
Source: https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-fmc/config-guide/fpmc-config-guide-v64/troubleshoot-ftd.html
Topics
Community Discussion
No community discussion yet for this question.