Activity in Security
0-Day in ESA/SMA CVE-2025-20393
Good afternoon. Cisco published a severity 10 CVE today for ESA and SMA. This only applies if the Spam Quarantine is exposed to the internet. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4 Ba...
Limit users session from cisco ISE version 3.3.0.430
Hi, A customer has a wireless network on the Meraki panel integrated with Cisco ISE (version 3.3.0.430) and users who connect to that wifi network authenticate to an Active Directory. The client requires limiting the users sessions to 3 from the Cisc...
Windows 11 ISE posture
I configured posture policy which use (windows 10(all)) as operating system criteria. and all posture conditions using windows 10 also. but windows 11 PCs still be scanned for posture. Note : posture requirements still in audit state. Can someone exp...
ISE configuration - memory refresh - EAP authentication
OK ... I need a memory refresh. It has been so long since we originally setup our ISE environment that I have forgotten a lot of things. This is specifically addressed to wireless connections but I also think it applies to wired connections. What I a...
Cisco Secure Firewall 1230 FDM Password Recovery
What are my options for password recovery of the admin around that doesn't want to be sync'ed to AD?
Cisco Secure Email Encryption – “System Unavailable” Error
Issue Description:When users attempt to open the securedoc.html file using the default Cisco Secure Email Encryption link, the secure portal fails to load and displays a “System Unavailable” error. The issue is consistent across browsers, devices, ne...
Resolved! ISE priority regarding CF certainty factor
Hello experts, I have a doubt regarding the Certainty factor on ISE.Let's suppose we have a default profiling rule which is Canon Device with one condition matching the Canon OUI and CF = 10 (Minimum CF = 10)1st question : Now if I create a custom pr...
PLEASE HELP Duo 2FA Broken
I'm desperate for some assistance. I've tried contacting Duo Mobile with no success. I've tried Meta, they said their hands are tied. I feel screwed.Long story short - I went from Android to iPhone and got a new number in the process. I had Google Du...
FMC external authentication with RADIUS locks AD user
In FMC 7.6.x, we configured two ISE servers as RADIUS External Authentication Object.The ISE are forwarding the authentication to our Windows AD.The user now makes one bad login attempt to FMC and the AD account is being locked. AD is set to lock the...
Cisco ISE related Vulnerability (CVE-2025-20289 & 20303 & 20304)
IntroductionSummaryWorkaroundAffected Products & Fixed SoftwareReferences The Portuguese version of this Article can be found at: Vulnerabilidade que afeta o Cisco ISE (CVE-2025-20289 & 20303 & 20304) . For an offline or printed copy of this d...
Resolved! Routing on Site to Site Policy Base VPN
I have deployed a Site to Site Policy base VPN tunnel and I have a requirement that some of the traffic has to go via the VPN tunnel but remaining should go out via the outside interface (not via tunnel). The VPN is configured on the same Outside int...
Resolved! Firewall update error - user: 'admin' cannot be created, name is user.
Hi,I attempted to update a Cisco Firepower 2110 Threat Defense firewall to v7.4.3 from 7.4.2.2. It passed the readiness check but then errored during the upgrade and rolled back. It provided the error below in the log:user: 'admin' cannot be created,...
Resolved! Cisco ISE 3.4p3 bug that replaces hidden values with asterisks?
Hi,Today we had a fun experience with Cisco ISE 3.4 patch3. I was creating a new network device for AnyConnect to a Firepower 1120 and configured RADIUS and SNMP shared secret. We use ISE for authorization by group membership and for posture. After t...
Posture issue (stuck in unknown ISE rule)
Hello, here is the problem i have with ISE posture: - The posture agent on the endpoint completes checks and reports the endpoint as “compliant” - ISE sends a CoA to force reauthentication - The client reauthenticates but still ends up in the “unkno...
Changed pxgrid behaviour for FMC 7.2 -> 7.6?
Yesterday I upgraded an FMC from version 7.2.10.2 to 7.6.2.1. The FMC have a pxgrid connection to an ISE. After the upgrade i get a health monitor error to check connectivity to ISE. A test in identity sources on the FMC show no errors. Pxgrid servic...
| User | Helpful Count |
|---|---|
| 39 | |
| 16 | |
| 15 | |
| 11 | |
| 9 |
