Hi all,Just downloaded SecureClient 5.1.17.3394 and I am having trubles with authentication with certificate after upgrade.After downgrade to previous version I used so far 5.1.16.194 the problem disappeares.The 5.1.17.3394 client getting me message ...
Forum Posts
When our user tries to connect to a client-provided Cisco VPN, instead of getting the MS login prompt, they are redirected to the Okta login for their windows-linked corporate account. How can we prevent the Cisco client trying to use SSO and present...
Resolved! New device not polling in Solarwinds!
We replaced a remote router that has all the same configs as the previous router however Solarwinds continues to show the device as down "Could not poll" or "Bad username" error when the device is actually up and pingable. Any advice?
I have migrated our ASA configuration to a Cloud-Delivered FMC. I have a lot of things setup but I'm stuck on something.I want to setup either LDAP or SAML based authentication checking for Entra ID group membership. Basically we have an AD group t...
Hi, I believe there is a bug with AnyConnect - Client Profile Editor (both the software version and the cloud editor in Cisco Cloud Client Management portal)In certificate matching section when you enable "Match only certificates with extended key us...
Dear community,I have a strange behavior with the VPN session timeout configuration of our RAVPN (running on FTD 7.6.4, managed by FMC).At first, it was set as unlimited on the FMC (appeared as vpn-session-timeout none on the running configuration of...
I have configured RAVPN and I am trying to access the outside of the firewall to download the VPN client. I put in the url setup to access to outside interface of the firewall but can't get any reply. I am pretty sure I have everthing configured as r...
Hi,Our objective is to use is to use secure client for Wifi/Wired connection, but we notice there is service option in NAM that Wifi/Network service that when user toggle this option they will be able to use the nativie Wi-fi and we dont want it.is i...
I have a question: I’ve set up the Cisco Duo Authentication Proxy with RADIUS for MFA push on both the server and the firewall. Do I also need to create a Network Policy and Access Service on the server so the firewall can authenticate properly?
So, as per cisco's configuration guide: The GDOI protocol is protected by an ISAKMP Phase 1 exchange. The GDOI key server and the GDOI groupmember must have the same ISAKMP policy. This Phase 1 ISAKMP policy should be strong enough toprotect the GDOI...
Environment Details:Operating System: macOS Tahoe (Version 26.x)VPN Endpoint Client: Cisco Secure Client v5.1.8.122 (AnyConnect Generation 5)Affected Application: Mozilla Firefox (All active branches)Observed Symptom:Immediately upon disconnecting a ...
Hello,Is there any posture features we miss if we want to do posture on RA VPN clients without ISE and instead use Hostscan and DAPs in the ASA? Are the same posture checks availible? I understand we also can get Advanced Endpoint Assessment for reme...
I don't understand the working of DMVPN especially in phase 2 and phase 3. When talking about NHRP Resolution request from one spoke to another spoke through the hub, like why do even need that request to go to all the way through hub. Isn't it good ...
Can anyone help me with those different fields in NHRP especially some of them doesn't make sense to me atleast yet. The only few important one regarding DMVPN are the Fixed Header, Mandatory, Responder Address which I got to know and in those also t...
Hi all,We are running FTD 3120 with FMC 7.6.4. The FTD has two outside-facing subinterfaces connecting to two separate N9K switches (no vPC). We wanted to terminate RA VPN on a Loopback interface so users have a single stable public IP regardless of ...
