Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from Wednesday January 14, 2026 through Friday January 23rd, 2026. Our colleagues Annya Martinez, Jyhan Ocana, and Scott Nishimura will be waiting to assist you and r...
Forum Posts
Hello,I was watching several L2 attacks like:MAC flooding attacks/CAM table overflowARP Spoofing/PoisoningOther Security Subjects,DHCP Server SpoofingMAC address spoofingSome of them can be mitigated with por example Port security others by DHCP snoo...
I have recently installed both IDS and CSPM on an IDC site. I observed the following integration problem between the two.First I generate the policy through CSPM and apply it on the Policy Enforcement Points(PEP). With specific to gateway routers, a ...
Resolved! Multi Site-Site VPNs question
Hi Guys, So I'm working on a proof concept in PT and learning a lot on the way! I just have a question regarding site-site VPNs, Is it at all possible to have a router at the HQ configured with multiple tunnels to various branches? (see image) I kno...
i have a CPE router (Cisco LSR 4000 series)and i will be configure it, i also have a firewall that sits after the CPE that will handle everything the CPE will be only connecting my network to the ISP my question is do i have to do anything related t...
Hi All,I have events for Cisco ASA where I have 2 kinds of connections being built. Case 1: Genuine Connections:The genuine connection will only have one entry which will be as follows.namedeviceEventClassIdBuilt inbound TCP connection302013 Case 2: ...
Resolved! Voip traffic sniffing
Hi, in a recent security audit, in a Catalyst 2960 switch with this config interface FastEthernet0/4 switchport access vlan 30 switchport mode access switchport voice vlan 20 no snmp trap link-status spanning-tree portfastThe auditor has been able to...
I'm studying for my Cisco Security exam and it's going deeper into detail on its decision making process (pretty simple) but I'm not seeing how to make it trust itself, or if it does by default. What I mean is, I can understand that it was intended t...
I got a brand new 881 router with IOS 12.4(20)T and advanced security license. Is anyconnect client supported for IOS? I am able to connect using the old SSL client with no problem, but when trying to use anyconnect (pre installed on machine alread...
hello guys ! i installed a free evaluation version of cisco ise on vmware worskation everything is working ! but i have somme issues ! i can't acces to users , endpoints , policy sets ! is it a licensing problem? I did not understand anything I am wa...
Recently installed amp connector on few of the windows servers and the connector status is showing disconnected.Servers are not reporting on AMP console.We have chosen the appropriate connectors for AD,SQL and other windows servers.Tried some basic t...
i want to do scp from my nx-os switch to my scp server with rsa authentication. The problem is that it still asks for password. The scp server has no permission problem. I did the the steps based on "https://www.cisco.com/c/en/us/td/docs/switches/da...
Hi Team, we are having many cisco swithes including 2960, 3750 , 3650 and 3850 models. can any one help me or suggest what best hardening practices i should configure on switches before Penetration testing.
Hello, I'm utilizing Trustsec in manual mode with the gcm-encrypt setting for layer 2 point to point encryption on some links to other sites in our network. The issue that I'm running into is that it seems to randomly cause the Windows network pro...
we have enable aaa on the asa firewall question is is it possible to login to asa via console with local authentication and bypass aaa
Hello, I wanted to know if I can use the free trial version of Cisco Umbrella at home on my Comcast Xfinity router? I have downloaded the trial version on my PC at home but I don't see support for Comcast router. My home router is not Cisco or Motoro...
