I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?
The answer depends on how you signed into SecureX. To start, remember that CSA is the identity provider (IdP) for AMP, Cisco Threat Response (CTR), Orbital, and optionally for Threat Grid. CSA can be configured to delegate authentication to SecureX sign-on.
1. I signed into SecureX using SecureX sign-on
In this case, you have a SecureX sign-on browser session, but you don't yet have a CSA session. You need to initiate a CSA session by choosing "Single sign-on" and clicking through to join your SecureX sign-on session.
2. I signed into SecureX using CSA:
In this case, you should have a CSA session when you click the AMP launch button, and be connected directly to your configured AMP tenant. Remember, it is connected to your specific tenant, whether North America, EU, or APJ.
We are trying to configure Cisco Phones with a VPN to connect to our VPN Cluster. We are using Cisco 8851 phones. We have 2 VPN clusters. One contains 6 ASAs and the other contains 3. Those are in geographically separated data cent...
Hi Team, I am trying to upgrade ISE from v2.4 to 2.7 currenlty and am stuck at an annoying part where I am unable to get upgrade bundle copied over from a Windows Server based SFTP repository to ISE local disk. The port 22 communication is...
Hi,I would like to ask for experts' opinion on how to address the following design scenario: We currently rely on Posture (Anyconnect based) for NAC via ISE for granting endpoint access to our network (per VPN as well as WLC based) based on a given s...
Hi guys,Running ACS v5.8 and created an admin account in the ReadOnlyAdmin role but when they try and login to web gui(https://<ip address>/acsadmin) they get Access Denied. If I make them a SuperUser they get on fine........any ideas for ReadOnlyAd...