https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192771#M1115654 <P>Do you use ISE?</P> <P>MHM</P> Tue, 10 Sep 2024 15:32:39 GMT MHM Cisco World 2024-09-10T15:32:39Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5172605#M1115623 <P>Here is what users are seeing:&nbsp;<SPAN>Login denied. Your environment does not meet the access criteria defined by your administrator.</SPAN></P><P><SPAN>I have taken over for another admin and there are 5 DAP policies and 1 default. I am not sure where to change the minimum for each policy to allow access. Do I need to delete all policies and rebuild them? Or is there another way?</SPAN></P> Fri, 06 Sep 2024 21:00:48 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5172605#M1115623 coreillycisco 2024-09-06T21:00:48Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5191936#M1115624 <P>are you run posture&nbsp;</P> <P>only posture check client&nbsp;</P> <P>it not DAP I think&nbsp;</P> <P>MHM</P> Mon, 09 Sep 2024 07:14:42 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5191936#M1115624 MHM Cisco World 2024-09-09T07:14:42Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192104#M1115634 <P>You can start by logging cli output while running "debug dap trace" while a client is trying to login.</P> <P><A href="https://community.cisco.com/t5/security-knowledge-base/information-to-acquire-for-dap-troubleshooting/ta-p/3145426" target="_blank">https://community.cisco.com/t5/security-knowledge-base/information-to-acquire-for-dap-troubleshooting/ta-p/3145426</A></P> Mon, 09 Sep 2024 13:38:13 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192104#M1115634 Marvin Rhoads 2024-09-09T13:38:13Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192110#M1115635 <P>Hostscan is enabled.&nbsp;</P> Mon, 09 Sep 2024 13:55:14 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192110#M1115635 coreillycisco 2024-09-09T13:55:14Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192111#M1115636 <P>Thank you. I will do this. I know when I reboot the primary DC and it is offline, access to the vpn is granted. This just started a few days ago.&nbsp;</P> Mon, 09 Sep 2024 13:56:20 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192111#M1115636 coreillycisco 2024-09-09T13:56:20Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192225#M1115638 <P><A href="https://www.cisco.com/c/en/us/support/docs/security/secure-access/221176-troubleshoot-secure-access-error-login.html" target="_blank">https://www.cisco.com/c/en/us/support/docs/security/secure-access/221176-troubleshoot-secure-access-error-login.html</A></P> <P>MHM</P> Mon, 09 Sep 2024 18:01:48 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192225#M1115638 MHM Cisco World 2024-09-09T18:01:48Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192766#M1115653 <P>I do not know where to find this. I am using ASDM version 7.12. We do not have current support with Cisco.&nbsp;</P> Tue, 10 Sep 2024 15:22:50 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192766#M1115653 coreillycisco 2024-09-10T15:22:50Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192771#M1115654 <P>Do you use ISE?</P> <P>MHM</P> Tue, 10 Sep 2024 15:32:39 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192771#M1115654 MHM Cisco World 2024-09-10T15:32:39Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192784#M1115655 <P>No. We are not using ISE.&nbsp;</P> Tue, 10 Sep 2024 15:55:10 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5192784#M1115655 coreillycisco 2024-09-10T15:55:10Z https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5194344#M1115768 <P>The issue has resolved itself for now. Not sure where the logs are to look into them. I am sure it will arise again.&nbsp;</P> Fri, 13 Sep 2024 13:50:43 GMT https://community.cisco.com/t5/network-security/cisco-firewall-denys-connections/m-p/5194344#M1115768 coreillycisco 2024-09-13T13:50:43Z