I'm trying to block the ESMTP EHLO AUTH response message on an ASA version 9.4(4)16 from coming to the client from the server. The application does not support disabling authentication if the server indicates it is supported, but the server is not managed not by us. Here's what I have:
access-list test-smtp-acl extended permit tcp host 10.200.242.165 host 172.20.119.159
match access-list test-smtp-acl
policy-map type inspect esmtp block-auth
allow-tls action log
match ehlo-reply-parameter auth
inspect esmtp block-auth
I know it's matching, because if I turn on "mask-banner" it shows the typical *** instead of the SMTP server name. However, it is allowing the AUTH command through:
Bonjour,Je cherche à acceder l'interface de management de l'ASA, depuis l'Anyconnect.Malegré que j'ai ajouté les ACLs necessaires, mais l'acces management ASA en SSH depuis le vpn nomade ne passse.Je me demande si on peut manager l'ASA en ssh ou autres pr...
I am involved in rolling out about 40 wifi networks using cisco 3602/2802 aps and cisco 5508 ISE. Our network offers a 2 step authentication with user and machine certificates as well as users needing to be in correct AD groups. The problem we have i...
ASA Site-to-Site VPN using IKEV1 Configuration Example
Configure a Site-to-Site IPSec IKEv1 Tunnel Between an ASA and a Cisco IOS Router
Site-to-Site IKEv2 Tunnel between ASA and Router Configuration Examples
Site-to-Site VPN Tunnel wit...
Dear Community, So, according to the Cisco ISE Release 2.7 Administrator Guide, it should be possible to use a remote lock/wipe on MDM-devices that connect through ISE on the network( see the screenshot in the attachment).The problem is that th...
Hi, We currently have 2 Cisco 5525X ASA's in active/standby state. We have 750 concurrent Anyconnect licenses with the below licenses:AC-PLSM-5YR-500-S & AC-PLSM-5YR-250-S. (These are expiring soon) I have asked to get these renewed by our l...