Activity in Security
ciaco ISE 2.7 to 3.1 but it's using internal CA for authentication
hello people I have a Cisco ISE 2.7 and want to upgraded to 3.1 and then to the recommended release, but the thing is it's using its own CA for the authentication so doy you have any recommendations for this procedure? I wanted to do a full upgrade, ...
FTD Dynamic L2L VPNs
Hello, We want to have a FTD (with static public IP) and several Cisco routers (with dynamic IP) connected with IPSEC IKEv2 L2L VPNs with different PSKs for each VPN. We dont find on the FTD how to check the receiving ID that the router would send t...
I would like to use ISE to authenticate tacacs of nokia equipment.
I would like to do TACACS authentication by linking nokia equipment with ISE. Since it is a different vendor, I think we need to specify the custom attribute value in a separate TACACS profile. Has anyone done the above? The verison of nokia equipmen...
Site-to-Site VPN idle timeout unlimited
I have site-to-site VPN established between my DC and a Branch, DC side is FTD, and Branch side is ASA, both use default group policy for idle time out. default value is 30minutes. when use show vpn-sessiondb detail l2l. ASA site shows 30 minutes wit...
Network already exists
I work for a school and I just set up the Open DNS and trying to add a network. I get a "Network already exists", which I assume a predecessor of mine set one up long ago. I tried two different support emails and both bounced back stating my email...
CSCvn31571 - duplicate VLAN-ID on FTD
Is this CSCvn31571 a bug or by design that I can't have duplicate VLAN-ID on 2 or more sub-interface?
Resolved! BYOD for Employee using REST / Entra External Identity Source
I have a 3.4 ISE deployment on latest patch. It is "connected" to Entra via REST as an external identity store. I have pulled down a group from Entra (call it BYOD-EMPLOYEE) and I'd like to achieve the following -Have a BYOD style portal or similar f...
OpenDNS not working - Do I have a setting wrong
Please accept my apologies if there is an answer somewhere in this forum that I have not been able to find. We ave an Icotera router and mainly Mac computers. I have set the DNS servers in the router and included a screenshot of the settings. Just...
Default Action Supported for Third-party integration feeds
My organization is ingesting third-party intelligence feeds into our FMC via STIX/TAXII. A default action of block is not supported for this delivery method. Because ours is a sparsely staffed team who fills many widely ranging IT roles, and the feed...
Resolved! FTDv on ESXi with Failover Issues using SR-IOV
I have a use case where I need to deploy FTDv (FTDv100) in a HA pair utilizing two physical servers with the ESXi (7.0.3 - Dell Version) hypervisor, one FTDv 7.4 instance on each. Following the Cisco deployment guide, I am attempting to leverage SR-I...
Design WSA-S196-K9
Hi everyone,I don’t have much experience in designing a Proxy system, but based on what I’ve read in Cisco’s WSA documentation, the following topology represents my current idea: I’m planning to design it as follows: P1, T1 connected to the Interna...
DHCP on Firepower 1230 with FTD 7.7
Hello team, so far we have been using 2 ISP providers for our local network. L3 was configured on ASA 5585. Now we are changing ASA with 2xFPR1230 with FTD 7.7 ISP_1 PPPOE connection configured on ASA with public IP static , will configure on L3 core...
Remote Browser Isolation (RBI) is not supported by Reserved IP.
When I looked at the following document in Cisco Secure Access Help, I found an interesting article. https://securitydocs.cisco.com/docs/csa/olh/121296.dita ---Known LimitationsSecure Access has known limitations for the use of Reserved IP.:Remote Br...
DUO will not run on Windows 11 system
For the last week Citrix will not load Duo from Workspace. It tells me to run it or download it, which it is already done. It worked fine on this PC before this. I have uninstalled and reinstalled both Citrix Workspace and Duo Desktop (7.12.0). W...
DoS To FTD
Hello,FTD 2110s 7.4.2.4I'm looking for suggestions on two topics. 1. What's the best way to help prevent Dos attacks to the FTD itself. Is flex config the only way and does anyone have a proven config. for that they could share?2. What upstream servi...
| User | Helpful Count |
|---|---|
| 75 | |
| 50 | |
| 28 | |
| 23 | |
| 16 |
