Cisco Firewall Denys connections

coreillycisco · ‎09-06-2024

Here is what users are seeing: Login denied. Your environment does not meet the access criteria defined by your administrator.

I have taken over for another admin and there are 5 DAP policies and 1 default. I am not sure where to change the minimum for each policy to allow access. Do I need to delete all policies and rebuild them? Or is there another way?

MHM Cisco World · ‎09-09-2024

are you run posture

only posture check client

it not DAP I think

MHM

coreillycisco · ‎09-09-2024

Hostscan is enabled.

MHM Cisco World · ‎09-09-2024

https://www.cisco.com/c/en/us/support/docs/security/secure-access/221176-troubleshoot-secure-access-error-login.html

MHM

coreillycisco · ‎09-10-2024

I do not know where to find this. I am using ASDM version 7.12. We do not have current support with Cisco.

MHM Cisco World · ‎09-10-2024

Do you use ISE?

MHM

coreillycisco · ‎09-10-2024

No. We are not using ISE.

Marvin Rhoads · ‎09-09-2024

You can start by logging cli output while running "debug dap trace" while a client is trying to login.

https://community.cisco.com/t5/security-knowledge-base/information-to-acquire-for-dap-troubleshooting/ta-p/3145426

coreillycisco · ‎09-09-2024

Thank you. I will do this. I know when I reboot the primary DC and it is offline, access to the vpn is granted. This just started a few days ago.

coreillycisco · ‎09-13-2024

The issue has resolved itself for now. Not sure where the logs are to look into them. I am sure it will arise again.