I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?
The answer depends on how you signed into SecureX. To start, remember that CSA is the identity provider (IdP) for AMP, Cisco Threat Response (CTR), Orbital, and optionally for Threat Grid. CSA can be configured to delegate authentication to SecureX sign-on.
1. I signed into SecureX using SecureX sign-on
In this case, you have a SecureX sign-on browser session, but you don't yet have a CSA session. You need to initiate a CSA session by choosing "Single sign-on" and clicking through to join your SecureX sign-on session.
2. I signed into SecureX using CSA:
In this case, you should have a CSA session when you click the AMP launch button, and be connected directly to your configured AMP tenant. Remember, it is connected to your specific tenant, whether North America, EU, or APJ.
Is it possible to get/ download Compliance Module Software from ISE Appliance where it is configured ? I have a problem when a new user ( never connected before to VPN ) not getting the Compliance Module Downloaded. As a result Users are not Compliant and...
I have a ikev2 definition that looks like it is working. I have line/protocol up.I am on my router where my tunnel to google is. The tunnel is also there. I can ping google from there but I am unsure its going out the tunnel and not just the internet conn...
Hi Guys, I have an ISRg3 WAN running IOS PKI & SCEP with flexVPN which is working well. I have tested the Hub CA with both SCEP 'Grant Auto' and 'Terminal Manual' Spoke enrolment which works great. However, I'm after a halfway house in an ideal w...
Does anyone know what the maximum supported contexts is on the FPR1140? This article mentions: 10CLI Book 1: Cisco ASA Series General Operations CLI Configuration Guide, 9.13 - Licenses: Smart Software Licensing (ASAv, ASA on Firepower) [Cisco Adapti...
Hello,We have three remote sites. Currently we have an ISE deployment in one of those sites which contains two nodes and provides radius, tacacs, mab, 802.1x and posture services to all of the network. Thing is we want add two more additional PSN nodes to...