is it possible to use airespace acl in ISE authorization profile for anyconnect vpn on cisco ASA
Forum Posts
I uninstalled Cisco from my Mac, but I am still getting the Cisco AnyConnect Secure Mobility Client Notification window popping up every time I start my computer. The window tells me that the extension has been blocked and tells me to go to my Securi...
Hello, We have an ASA 5515, when our uses use the VPN they can access the local file servers just fine. But when they browse the internet they use their home internet, from what I understand this is split tunneling. Unfortunately, we have a website...
Hi,I have task of deploying 25-30 FPR1010 managed from FMC.Is there an easy way to clone/copy interface/subinterface setup from a standard device or do I really need to type in all the interface config via the GUI. The IP is of cause different but na...
Hello guys I need your help, We are using a virtual asa for vpns user, thats ok, works fine, but I don´t have a permanent licence yet, mean while Im using a demo licence and this expire tomorrow, Cisco give another demo for 30 days si... this my q...
Resolved! ACL Denies With Permit Statements
I am working on creating ACL to lock down our VLANs. I am running into some issue though. These are outbound ACL'sHere is my ACLip access-list extended veneer-75remark permit KaceSMA agent accesspermit tcp host 192.168.210.70 10.2.75.0 0.0.0.255 eq 4...
I have already configured one of my ASA with Azure SAML SSO authentication. My second ASA is having the following error: authentication failed due to problem retrieving the single sign-on cookie when connecting to AnyConnect. I have verified certs, c...
I have a static route on my ASA5545X I need to remove. It points to a remote network through a downstream gateway.When I do a no route inside 172.31.150.0 255.255.255.0 172.25.36.1 I get the message: cannot remove connected route There is a command t...
See this message on the FTD when looking on FMC. Will clicking the re-enroll certificate cause any issues?
Resolved! FTD Interfaces
HiWe ahve FTD2100 and have different security zones what is the purpose of interface groups and are they needed, i just created x2 new sub-interfaces and security zones but havent created interface groups there are other interfaces with groups, is t...
Resolved! Extended Named ACL Denying Traffic
I have the following ACL. For the most part everything is working in the ACL as it should be. The problem is that even though 192.168.203.0 is permitted, I still get denies in the logs. The logs will be below the ACL. We switched from TCP to IP in th...
using Cisco Firepower 2100 ASA Platform Mode. You want to change the mgmt IP on the fxos for NTP Sync. In the Cisco Firepower 2100 ASA Platform Mode FXOS Configuration Guide, it says to change the MGMT IP in both FXOS and ASA, is this correct? If s...
Hi all,What is probably a simple question, but wih a HA pair, how can I configure the ASA's to be able to access the secondary unit ? Should I simply be Telnetting / SSHing from one to the other to the Failover address ?
Resolved! CISCO ASA 5525
How will I verify that which policy is currently active for incoming traffic received from Dmz ?I will need to move internal traffic which is coming from Dmz to another firewall. Please advice
Hi, we have below architecture in which routing between different firewall take place via Internal firewalls only. We have used the core switch only to create VLANs and Connect to access switch. We also have Internet firewall which is connected to co...
