I have a strange problem where the active FW in a HA pair (5585X-SSP40 ASA 9.4.2) is passing through traffic okay but SSH is not getting to the FW.
The SSH config is setup to accept from any source (0.0.0.0/0) and this works to the secondary standby.
The management routes point to the correct destinations as the secondary/standby is reachable using the synced config from remote SSH terminals. I can ping the secondary management IP but not the primary.
For a few hours I could SSH directly from the management switch in the same VLAN as the ASA management IP but this has stopped now also. When on the primary SSH'd from the local switch I can ping out beyond the VLAN.
Fail over state shows the affected device for management access is primary and the peer is standby ready.
Before I go and raise a Cisco TAC and cause myself a realm of grief with our client I wondered if anyone out there has had similar issues and can recommend anything to look at.
Community Live Slides- How to optimize your Cisco Security investments with Threat Response
(Live event - formerly known as Webcast- Tuesday February 18, 2020 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris)
This event will have place on Tuesday 18th, ...
Two main issues I am facing as part of ISE guest access POC lab.On any device on first attempt connections works smooth. However, if I disconnect and reconnect the SSID, its repeatedly giving "Couldn't get an IP address" or "No internet connection" on con...
Microsoft published a security advisory providing guidance to increase the security for communications between LDAP clients and Active Directory domain controllers. The document introduced the use of LDAP channel binding and ...
Hi, Hoping someone can help. I am getting the following error message when trying to connect to Cisco any connect: Cisco connection attempt has failed due to network or PC issue.Does anyone know how to solve this issue?
Dear all,can you please share, based on your experience, how should looks like an Endpoint Purge Policy? I would like to Purge all the Endpoints that didn't authenticate during the last 6 months, for example. Thanks,M.