After the upgrade of the ACS Solution Engine to 4.0, under External User Databases > Database Configuration, the RSA SecurID Token Server is no longer a selected field. If this was previously configured, RSA SecurID Token Server(s) can be viewed under List All Database Configurations, but they cannot be deleted.
Also, if you added the RSA SecurID Token Server to the External User Database in a previous version of ACS, mapped it to a group, and selected this database in the Unknown User Policy, then, after the upgrade to ACS 4.0, the RSA SecurID Token Server is still displayed. Ideally, it is deleted from everywhere inside the External User Database and not just from the Database Configuration.
Moreover, the configuration in the RSA SecurID Token Server is ideally placed in the RADIUS Token Server after the upgrade to 4.0.
This issue is documented in Cisco bug ID CSCeh73803.
The RSA SecurID Token Server feature has been removed in Cisco Secure ACS Solution Engine versions 3.3.2 and 4.0.
The only current workaround available is to downgrade the software version to 3.2.
Process for FTD migration with PolicyAs per Cisco documentation, we have below steps for for de-register and register process. Please follow below steps :Step 1 : Break HA pair and de-register your FTD from FMC (old).Step 2 : Register your primary FTD wit...
Hello People,Wondering if anyone recently migrated from ACS to ISE with the latest version of ACS and ISE? I need some help to understand the whole procedure. I have gone through some wonderful documentation on the forum. Would like listen to the recent r...
Hi!I'm using a cisco ASA S690 v11.7.0 and I am trying to execute an APP through a script. For some reason the script doesnt execute automatically through the proxy. I'd like to know if there's something else to setup into the Cisco WSA.When the script is ...
Hi all,is there any reason why I don't see telnet as option on ISE 2.4? Do I need to enable somewhere as feature?It's really annoying if you want to test some connections from ISE. I have ACS 5.8 and telnet is there. ise02/admin# t?tech terminal trac...
I am just trying to understand the difference between the below two NAT statements. As far as I can tell both seem identical?Number 1. allows any outside ip to hit the public ip of FTD 220.127.116.11 on port 80 which gets translated to destination ...