Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
0
Helpful
0
Replies

CIS Controls created a few latent issues with various firewalls

ABaker94985
Spotlight
Spotlight

‎06-11-2021 01:00 PM

I'm sure you all are familiar with the CIS controls. We've had a couple issues tied with (I think) one of the changes, and one we can't get resolved. I believe the issue comes from "password encryption aes." We initially deployed the changes to 3 firewalls. The first issue was with a firewall (I'd have to dig through notes to get the type and firmware) that couldn't re-establish a site-to-site VPN after two weeks. I put the key back in, and it worked for a couple weeks and failed again. That firewall was the only one of the three to have issues, so I upgraded the firmware, and it's been fine since.

 

We later deployed the changes to 12 other firewalls. 3 of these can no longer be managed by SNMPv3. I've removed and pasted the configuration back into these 3, and I can't bring them up. I've reconfigured our NMS. I'm at a loss. There are two different firewall types between these 3 running two different versions of firmware (9.1(7) and 9.14(2)). The other 9 are running identical configurations with some of the same versions of firmware. I created a template on our NMS to make configuration easier, and I've tried to manually enter the parameters, and this still doesn't work. 

 

Any thoughts or similar experiences?

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card