Security

Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect, Duo, Umbrella, Secure Access and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Browse the Community

Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace

33223 Posts

Network Security

Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Ada...

72038 Posts

Duo Security

Get started with or get better at administering and using Duo by interacting with peers and experts!

3493 Posts

OpenDNS

Ask questions not covered by support articles and documentation.

3479 Posts

Activity in Security

Trying to overcome OpenVPN Reneg-Seconds

I've installed a Unifi Dream machine and used Duo as it's Radius, I use LDAP for primary auth and Duo Push as MFA. All is well...For an hour then OpenVPN forces it's hourly renegotiation and another push is sent out which must be approved. Not keen o...

AB-19 by Community Member
  • 70 Views
  • 2 replies
  • 0 Helpful votes

Implementation of VRF Aware IPSEC (IKEv1) VPN

                                                                                        VRF Aware IPSEC (IKEv1) VPN Introduction Lab Topology Basic Configuration IPSEC VPN Configuration Introduction Virtual Routing and Forwarding (VRF) is a technolo...

Blue_Bird_1-1753438756956.png Blue_Bird_2-1753439234508.png Blue_Bird_3-1753439289486.png

Ssl certificate error

Hi All, Facing an error where crowdstrike agent not able to connect to crowdstrike portal due to ssl certificate failed error. I have added the required url in allow list and decryption bypass policy, still the same issue. Pls note: Currently im usin...

Vishal6_1-1753430653013.png
Vishal6 by Level 3
  • 44 Views
  • 1 replies
  • 0 Helpful votes

Resolved! User privilege level with Radius

Hello all, Currently I have several switches (IOS and Nexus) which use RADIUS for login. The RADIUS server is a Windows server and uses Active Directory authentication. I would like to assign the active directory users different privilege levels on t...

IKEv2 Remote Access VPN Failure to Connect

Good evening,I previously had an IKEv2 Remote Access VPN tunnel working properly on an ASA 5515-X but apparently made some changes that have broken this functionality, so I appreciate any assistance that can be offered in restoring functionality. I h...

lridium by Level 1
  • 720 Views
  • 19 replies
  • 0 Helpful votes

SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)

SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) in cisco Catalyst 9300 We have run vulnerability cisco Catalyst 9300  and we find the above  vulnerability. All software is up to date.#show ip sshSSH Enabled - version 2.0Authentication method...

Minato by Level 1
  • 11423 Views
  • 8 replies
  • 0 Helpful votes

Cisco ISE Upgrade Best Practices

In the following ISE webinar, you will learn how to Validate ISE version complianceExecute efficient upgrade workflowsLeverage telemetry for enhanced visibility, data-driven troubleshooting, and consistent policy control across distributed environmen...

zsoulios by Cisco Employee
  • 58 Views
  • 0 replies
  • 0 Helpful votes

API-BASED TOOL for Bulk Object Creation in FDM

Problem  How many times have you found yourself clicking through the FDM GUI, manually creating dozens (or hundreds) of URL and Network objects? This tedious process has probably cost you hours of valuable time and introduced the occasional typo or ...

anvpatha by Cisco Employee
  • 40 Views
  • 0 replies
  • 0 Helpful votes

Cisco ISE 3.3 patch-7

Good morning technology people,Has anyone applied patch-7 on your 3.3 ISE environment?  I am almost 100% that this patch is NOT thoroughly tested by Cisco prior to releasing it.  I have to patch my 3.3 patch-6 system in about two weeks (due to securi...

Resolved! ISE 2.7 VM to 3.3 upgrade

Hi all,Wondering what is the best way to upgrade ISE VM's (PAN/PSN and SAN/PSN) from 2.7 to 3.3 patch 3.I'm planning to do Backup&Restore method into 2 new VM's (assign temp IP addresses then change these to the production ones, when finished).Should...

RamsesDE by Level 1
  • 2583 Views
  • 11 replies
  • 0 Helpful votes