Here is the situation: (IPv6-LAN) * (IPv4-LAN) * * ...
Forum Posts
What is the difference b/w End of software maintenance date and End of security vulnerability Date.
Hi Professionals, I set up a Cisco 2110 device with a FTD 7.2.5 ios version but it does not have the following basic interface configuration: cts manualpropagate sgt preserve-untagpolicy static sgt disabled trusted Please can the absence on this on t...
Is there any cyber security free online course is going on or about to start very soon???
Hi all,I'm working on setting up an IKEv2/IPSec VPN tunnel from an FTD (6.2) managed by FMC to Azure. The tunnel is up and icmp is working fine but our server engineer is reporting issues with RDP and domain controller replication.We're wondering if...
Good morning,I realize our 9396PX's are EOL but we won't be replacing them until later this year. These devices are currently popping hot on the "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)". When I do a "sh ssh key rsa" it shows only S...
Hi all im trying to renewal the self sign certificate of the ASA FDM by using the following commands at FDM expert mode:openssl genrsa -out privateserver.key 4096openssl req -new -key privateserver.key -out FP5516.csropenssl x509 -req -days 365 -in ...
Hi, I have configured MFA authentication for the Cisco AnyConnect VPN, however it still requires the full email and password each time, prior to sending the MFA prompt.Is there a way to configure AnyConnect to use the credentials on the machine so th...
aaa new-modelaaa local authentication attempts max-fail 6aaa group server tacacs+ ISE_GROUPserver name TACACS_ISE_SPserver name TACACS_ISE_PDserver name TACACS_ISE_PRserver name TACACS_ISE_PUNEaaa authentication fail-message ^CCCCCCCCCCCLogin attempt...
We need to be able to stipulate the criteria for what is an acceptable password. The VG450 runs IOS XE systems support this with the following command: aaa common-criteria policy PASSWORD_POLICYmin-length 15max-length 127numeric-count 1upper-case 1lo...
Hi,Are these two ip ssh commands related?If I set "ip ssh dh min size 4096", does it mean kex below DH group 16 (i.e. diffie-hellman-group14-sha1 and diffie-hellman-group14-sha256) won't be allowed when I config "ip ssh server algorithm kex" for ssh ...
The Cisco Secure Design team wants to better understand how you and your team think about your organization's IT and security needs- especially how your team plans to achieve user protection. If you’d like to be considered for this research, please t...
I have Cisco C9200L-48P-4G with ISO 17.03.04b.I do have the below configurations.ip ssh server algorithm kex ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1ip ssh client algorithm kex ecdh-sha2-nistp256 ecdh-sha2-...
Hello!I want to implement this network with the technique router on a stick to perform intervlan routing.The first router connected to the ISP will be the edge routerThe firewall is ASA 5505The second router will be the internal routerHow do i imple...
We are attempting to use Cisco Umbrella for DLP policies for our organization. We backhaul branch traffic to our datacenter that is then sent to the umbrella cloud for inspection through VPN tunnels configured on our Firepower FTDs. We have AnyConnec...
