Network Security

Created a Route Based IPSEC Tunnel on Cisco FTD 2140

I have a Cisco FTD 2140 Secure Firewall that I am trying to build a route based IPSEC tunnel using VTI's. The vendor needs my proxy ID or encryption domain to be presented as a public IP address. So my WAN IP is obviously public but my internal netwo...

What is ASP?

What is ASP in ASA?How it works.Router forward Traffic based on CEF.then How ASA Forward traffic?

Potential CSRF attack dtected - ANYCONNECT, SSL WEBVPN

Gentlemen need you help.We can successfully connect with anyconnect to asa. However when we implement SAML Authentication (DUO 2 Factor authentication) We cannot connect with the error Potential CSRF attack dtected.We can see this is a cross site scr...

Anyconnect loses connectivity to outlook and web browsing randomly

Hi All,Im having an issue with cisco Anyconnect that is increasingly causing an issue. I have a Cisco Firepower managed by FDM with an identity source of our on prem AD server. the identity policy is set to produce a captive portal when the browser o...

Resolved! ASA-- Any special config needed for this (simple?) connectivity?

Hello. Simple quick question...Inside the LAN I'm installing a new vendor's Cisco box that has a preconfigured VPN to a server on the www. All communication will originate inside this new box that connects to a switch that connects to the inside inte...

Resolved! At end of ACL, what means "inactive"?

Hi.ACE...access-list ENTERPRISE_DMZ_IN extended permit ip host 172.16.1.1 host 172.16.1.5 inactiveAt end of this ACL, what does the command "inactive" do?Thank you!

Cisco Firepower FMC Certificate Expired but status available

Hi,We have FTDs mgmt by FMC version 7.0.1. We are using certificate authentication on RA VPN configuration. Indentity Certificate signed by our local CA has been expired, we have installed a new indentity certificate. Have refreshed the cert status o...

CVE-2002-1623

Hey Team, The Last Scan shows that a few routers on my network are vulnerable for IKEv1 aggressive mode with pre-share key (CVE-2002-1623) please what are your recommendations to patch this vulnerability. thanks in advace.

Always-on VPN using Azure SAML

Hi, can anyone assist with this: We are proposing a Cisco ASAv and AnyConnect Client VPN solution for a customer. The ASAv will run in Azure, so we suggested SAML authentication for easy Azure AD single sign-on integration. However, the customer ha...

OAuth for Anyconnect VPN users

Hi, We know that Cisco supports anyconnect over SAML, but does OAuth also supported? If yes, how to confiurate it on cisco asa. I dont see any as such config document. Please need a quick response. Thanks in advance.

Resolved! Cisco FTD Password Change

Hello,We have cisco FTD which is integrated with Active Directory. Also there is configured Remote Access VPN (Anyconnect), Authentication done via AD User. There is problem with password change, when users password is expired, he cannot login into v...

Resolved! ASA - AnyConnect - Want to terminate user based on certicate

Hello, We are using AnyConnect AlwaysOn with certicate auth.When PCs are stolen (it happens) - I would like to terminate the specific PC based on certicate name or PC name. In the log, it looks like the PC-name comes in as Username"Group <RemoteAcces...

FTD-Anyconnect Start Before Logon Client issue

Hi dears,I hope you are looking well...I have a small issue with start before login which is when I finish the installation the start before login icon appears in corner when I shutdown the PC and when I sign out but not appears when I lock out the P...

Resolved! Server got lost from LAN while allowing Internet connectivity

Hello Team, Seeking your help with an issue I've been facing deploying a new ASA5555 FW. We have a server behind the LAN interface which is well reachable over Cisco AnnyConnect profile, that server needs also internet connectivity and here is when t...

Resolved! SSL Certificate on ASA - Missing something?

Hello All , I have added an SSL cert for the ASA - ciscoasa.ladderbar.com (195.36.189.55) and applied the certificate on the SSL settings on the ASA so when users use anyconnect using the DNS name (ciscoasa.ladderbar.com) it works good and no risk m...

Network Security

Forum Posts

Created a Route Based IPSEC Tunnel on Cisco FTD 2140

What is ASP?

Potential CSRF attack dtected - ANYCONNECT, SSL WEBVPN

Anyconnect loses connectivity to outlook and web browsing randomly

Resolved! ASA-- Any special config needed for this (simple?) connectivity?

Resolved! At end of ACL, what means "inactive"?

Cisco Firepower FMC Certificate Expired but status available

CVE-2002-1623

Always-on VPN using Azure SAML

OAuth for Anyconnect VPN users

Resolved! Cisco FTD Password Change

Resolved! ASA - AnyConnect - Want to terminate user based on certicate

FTD-Anyconnect Start Before Logon Client issue

Resolved! Server got lost from LAN while allowing Internet connectivity

Resolved! SSL Certificate on ASA - Missing something?

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

same question, same issue, Intervlan routing not possible at FTD

Migrate from FMC virtual 300 to FMC virtual

FMC Connection Events Export

Technical presentation document for Firepower needed

KDC has no support for encryption type on ASA 9.18(4)22

FMC 7.2.5.1: Smart Agent is not registered with Smart Licensing Cloud

FTD 3105 : the disk /dev/nvme1n1 is unable to be unlocked or reverted

Stateful Firewall on Cisco Catalyst 9300 Series SwitchesStateful Firew

connetion events in FMC

Cisco FMC strong encryption license code