I see the logs like below on ISE .I turn on machine authentication, and AD is correctly working with ISE using PEAP.however, as shown, the machine authentication can not be processed.so the attribute "Network access> WasMahineAuthenticated " is meani...
Forum Posts
On firepower 1140, I can't setup port-channel between sfp ports. FDM version was 6.4.0 I upgraded it to 7.0.0-94. On both versions it doesn't work.How I can solve it. I need very urgent solution on that.Thank you for your support
Resolved! IOS version Star
Hello All, I have a simple question. What are the risks of using the above-recommended version with a star? My client has FMC and FTD 4110 Firewalls in version 6.6.1.I know that Cisco currently recommends version 6.6.4.Due to BUG, I see that it needs...
We have a pair of ASA-5545X's running 9.14.2 that we'd like to try to configure Windows NPS for users to be placed into VLANs when they VPN into our firewall. Reference https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-n...
I have Cisco ISE 2.6 patch 8; physical appliance; each node has dedicated personas.I have successful ODBC connection with SQL server; and it works completely fine. I have added 8 various container in ISE as a ODBC external connection but recently i h...
Hello All, I've been on this for days now and have made a bit of progress but haven't quite gotten it yet. I'm trying to establish an LDAPS connection between an ASA5525-X and Ms AD on Server 2016 for use in authenticating Anyconnect VPN users coming...
Hello, Public IP block from ISP gave is all occupied, so I requested extended IP block to ISP.so I got new IP block with new port (same router), but I am not sure how can I make this new IP block to apply my firepower.Here is the image what I am cons...
Hello! Im trying to configure macsec conections beetwen two C9300L-24T-4X , but when i try to use "sap pmk" command there is a message "% Unrecognized command" appears. How can i enable macsec functions?
Resolved! How to Setup ISE CIMC
I booted the ISE and press F8 to setup CIMC basic configuration like below. IP(Basic)IPv4 [×]DCHP enabled: []CIMC IP: 10.10.10.100Subnet: 255.255.255.0Gateway: 10.10.10.254Pref DNS Server: 0.0.0.0 VLAN (Advanced)VLAN enabled: [×]VLAN ID : 10Priority:...
Resolved! Using wildcard in URL filtering
hi, How can i block all connections to *.microsoft.com (for example)? Can i use custom URL object *.microsoft.com or firepower doesnt support wildcards?
Hi, i have a 5506-x at Site B connecting to a 5515 at Site A via a site-to-site VPN tunnel. there is only the one Domain Controller at Site A which i'm trying to setup LDAP authentication from Site B for Anyconnect VPN users. if i setup authenti...
Resolved! New Routed Subnet on Cisco ASA
I have a new Cisco firewall which has version 9.8(2) software, yesterday our ISP provided a secondary routed subnet /29 this is routed to the firewalls /30 IP Address. It's not a secondary subnet with a new gateway etc it's just a routed subnet strai...
Resolved! Multiple WAN subnets on ASA 5516
We are upgrading our ISP link to a VRRP connection and in doing so they needed two of our public IP addresses. Due to this change they have provided two public subnets that they are providing via one handoff. My question is how do I set this up on ...
Currently working on a FDM on a 1010 that has content filtering w/ a few categories set to block (is there a way to just do monitoring like you can on an FMC by creating an allow policy and reviewing destinations?) and the rule has logging enabled fo...
Hello All, I am trying to see if there is a way to convert the config file from a ASA from a text file to a csv file? Thanks in advance! Replies rated
