Does Cisco have a published document that shows the requirements for their SCRYPT implementation (type 9 encryption)? I want to be able to generate all of my secrets off the device and them import them later but I need to know the values they use for...
Forum Posts
- Customer have existing an ASA software install in ASA5508 but they would like to integrate with RSASecurID for two factor authentication ? So I concern that which component require and subscription level for integrate with RSASecurID for Two factor...
I have an ASA 5555. The SmartCallHome cert has expired and we are getting alerts on it. We do not use this feature. Can I delete the cert, or will that cause problems with something? It is expired already and I haven't seen anything that looks li...
I really don't know where to ask this question so I'll go ahead here. I just came over this article: https://backendnews.net/2020/01/25/cisco-opens-first-cybersecurity-co-innovation-center-in-europe/ and am curious whether CISCO has a similar center ...
Hello team, Can you confirm if the Security Choice EA is Subscription only? Or is there perpetual products included also? Thanks!
This topic is a chance to clarify your questions about Cisco Threat Response, from its components and new features to the resources to get started. During the session, the Threat Response team will answer questions about how Cisco Threat Response can...
Hi all,We have some Cisco ws-3850-24xs switches. As per one of the VA findings , the switches are using SSL certificates that are signed by a weak hashing algorithm. We are unable to get external CA to issue certificates. Please be kind enough to let...
Resolved! CoPP with ACL
Hello everyone, 1)I already got a ACL for ssh applied to vty lines.ip access-list standard vty-accesspermit xx.xx.xx.xx logline vty 0 4access-class vty-accesstransport input ssh 2) ACL to use with CoPP access-list 101 permit tcp xx.xx.xx.xx yy.yy.yy...
Hello, I have a Cisco ASA 5516-x with the Thread Defense license bundle installed on it, the bundle includes FirePOWER, Advanced Malware Protection (AMP) and Cisco Threat Grid, and URL filtering. I would like to get a second 5516-x appliance so I ca...
Resolved! CoPP class-map match rule question
Hello everyone,If you use the example ACL 121 for CoPP best pratice :access-list 121 permit tcp <NOC block> <router receive block> eq telnetaccess-list 121 permit tcp <NOC block> eq telnet <router receive block> established access-list 121 permit tcp...
When you have multiple isakmp polities defined, how do you know which policy your crypto map is using? For example:crypto isakmp policy 1 hash md5 authentication pre-share!crypto isakmp policy 5 encr 3des authentication pre-share group 2crypto isakm...
Resolved! Switchport Protected
Hello, When you have 2 devices(PC/Phone) connected to a single switch port and using Switchport Protected command on interfaces, how can we get IP Phone call other IP phones on the same switch while not letting PCs have connectivity to other PCs?
Hi All- We are looking at various methods of network segmentation. We initially implemented DACLs. My security guy is somewhat suspect of this as the DACL seems to only allow limits on traffic leaving the interface, not on traffic entering the inte...
customer have a radius server and he would like to use it to authenticate access to a switch , i did the belowaaa new-modelradius-server host 1.1.1.1 auth-port 1812 acct-port 1813radius-server key ciscoaaa authentication login default group radius w...
