Security Blogs

239 Views

0 Comments

Radius server configuration for 802.1X Server radius test1 Address ipv4 10.1.1.1 Key 1234 ! Server radius test2 Address ipv4 10.1.1.2 Key 1234 ! aaa group server radius TEST-gr server name test1 server name test2 ! aaa authentication dot1x default group T... Read More

162 Views

0 Comments

Umbrella’s cloud-delivered firewall (CDFW) is a cool features that provides Firewall Services in the Cisco Umbrella Cloud without the need to deploy on-premises firewall devices and visibility and control for internet traffic across all branch offices. To... Read More

148 Views

0 Comments

GRE over IPSec Crypto map int tunnel 1ip add 172.16.1.1 255.255.255.0tunnel source G0/0tunnel destination 2.2.2.2!access-list 100 permit gre host 1.1.1.1 host 2.2.2.2!crypto ipsec transform-set TS esp-aes esp-sha-hmac!crypto map TESTset peer 2.2.2.2match ... Read More

521 Views

2 Comments

Multiple Cisco Security Technologies in a single book : ASA Firepower, WSA, Umbrella, ISE and VPN with 100 percent 100 practical scenarios with 70 Labs to cover important topics of the Cisco SCOR Exam. The best part is ISE with interesting scenarios with ... Read More

246 Views

0 Comments

Cisco Umbrella is a big DNS service that provides not only the DNS resolution but also if the hosted website is trust or malicious, the idea behind the Layer DNS Security is that the modern attacks uses the DNS in the first step either to redirect the use... Read More

353 Views

0 Comments

I shared with you this detailed document I created with 27 pages about Cisco ISE Integration With F5 BIG-IP Locar Traffic Manager LTM Load Balancer for Guest Acces. The method used for Guest Access is the Self-Registration. Healt Monitor using HTTPS with ... Read More

431 Views

0 Comments

I created an IPSEC Site to site Tunnel between two ASA Firewalls in EVE-NG topology and i want to plot the IPSEC Site to Site VPN graph on PRTG ? The SNMP Walk command is not getting any output . As the firewall is making SNMP inbound connections with the... Read More

524 Views

3 Comments

The purpose of this document is to demonstrate how ISE can integrate with an eduroam external server which is a WI-Fi roaming service that provides international access to devices in education, research, and higher education. Students, teachers, and resea... Read More

526 Views

0 Comments

On Cisco Firepower Threat Defense there are two ways to do SSL Decryption (two actions in the SSL Policy). Decrypt-Resign: for outbound connection (from an inside PC to an external server). Decrypt-Known-Key: for inbound connection (from an external PC to... Read More

1609 Views

0 Comments

Cisco Secure Endpoint offers several protection engines which fight against threats like ransomware and zero-day. Are you an admin looking for protection on a short to mid-term basis or beginning to roll out protection across your organisation? The best p... Read More

1185 Views

0 Comments

Sometimes you want to see how the tunnel and the transport modes works with encapsulation, especially when using GRE over IPSEC and you would like to decrypt the ESP or IPSEC packet to see how GRE packet is encapulated with the two modes, especially for s... Read More

Everyone's tags (18):

518 Views

0 Comments

R(config)#ip access-list extended \\ Vytvoření ACL pro určení provozu určeného pro IPsec R(config-acl)#permit gre host host \\ Povolení peerů tunelu R(config)#crypto isakmp policy \\ Konfigurace ISAKMP pro IKEv1 SA navázání R(config-isakmp)#encryption... Read More

Everyone's tags (7):

4448 Views

5 Comments

Hi Cisco Community! We’re excited to announce the launch of the new enterprise-class Cisco Secure Firewall 3100 Series! This new Secure Firewall Series supports our evolving world by making hybrid work and zero trust practical, with the flexibility to ens... Read More

Everyone's tags (3):

5125 Views

0 Comments

Discover the value of Secure Firewall Cisco commissioned Forrester Consulting to perform an unbiased cost-benefit analysis of Cisco Secure Firewall to measure its operational efficiency and threat efficacy over a three-year period. Learn how Cisco Secure ... Read More

Everyone's tags (2):

6153 Views

0 Comments

Domain fronting is a well known CDN vulnerability that emerged several years ago. It is exploited by setting an HTTP host header that is different from the TLS SNI extension to hide a malicious domain request inside an SSL connection to a benign domain. T... Read More

Latest Contents

Meraki MX site-to-site VPN with Oracle (or AWS) with dual tu...

Created by sw28671 on 05-24-2022 05:07 PM

I have one Meraki MX250 and need to establish a site-to-site VPN with Oracle Cloud. Oracle creates two tunnels for its site-to-site VPN, and each tunnel has a unique public IP. Apparently, AWS does this too. I'm assuming that for my ... view more

SSL certificate

Created by Raj G on 05-24-2022 03:59 PM

dear professional, i have a cisco 9800 wlc, cisco ise, and ad server. Now my requirement is to setup wireless client to authenticate using active directory account via cisco ise. Now i got below question: 1. I beleive i need to setup 802.1x auth... view more

Cisco FTD interfaces monitoring

Created by IamSamSaul on 05-24-2022 01:01 PM

Hello Team, I got two Cisco FTDs being managed by Cisco FMC. I'm looking for a way to monitor the interfaces (inside and outside) of both FTDs when there is change in their status i.e. Up, Down, when there is no traffic passing through them etc... view more

Cisco VPN Version 4.2 Issues

Created by Translator on 05-24-2022 11:36 AM

For weeks now I have been running issues with some different user workstations working in the Home Office mode that use the Cisco VPN Version 4.2 client by throwing the message I have added to this forum, providing support for restarting a computer or pc,... view more

VPN and Anyconnect failover

Created by jonathandill76 on 05-24-2022 11:33 AM

I have a setup with 2 FTD's- primary and secondary and 2 ISP's. When my primary ISP fails, while we still have internet access via the secondary ISP, I loose vpn access. Can you recommend a setup that if my primary ISP fails, vpn would still work and publ... view more