Activity in Security
Resolved! DUO - allow logon locally
Hi, We are using DUO Wondows logon 3.1.1 to enable MFA for our Jump servers. Is it necessary that, users who need to authenticate to those Jump servers should be under the GPO policy “Allow logon locally”. we have around 500 users who need access to ...
URL Filtering on FMCv on CML LABS
I have setup up a number of FTDS that are managed by FMC in CML labs. I have setup the in-built desktop in CML that is hanging off a FTD. I am able to get the internet via FTD-->Router (NAT)-->External Connector and I am able to get internet access f...
Clarification on DELETE behavior in Duo Automatic Provisioning.
In Duo Automated Provisioning using SCIM, I’m observing the following behaviour and would like to confirm if this is expected:When a user is first removed from a SCIM-provisioned group and then deleted from Duo, no outbound SCIM DELETE request is sen...
Port-channel between FTD and ASR 920
We are having issues establishing a port-channel between an FTD 3110 and ASR 920. FTD LACP mode is set to "Active" while the ASR is set to "Passive". But it doesn't work.However, we have seen the FTD 4110 with an LACP mode of "On" and ASR "Passive" w...
Slowness after using ECMP
We have a 3110 with version 7.6 managed by FMC 7.6. The flow is User >> WLC >> Core Switch >> Cisco FTD >> Internet Switch >> ISP Router 1 & ISP Router 2. On FTD we have created sub-interfaces of 10 Gig link and we have two 1 Gig links from ISP. We a...
Reimage Cisco FTD 1120 - empty disk, missing correct FXOS
HelloBeen struggling with a Cisco 1120 today, no warranty left, but would like to get it running again. Tried a new disk and flashed it with tftp from rommon, also tried USB. Unit comes up with FXOS, but not able to install FTD with scope --> firmwar...
TAA compliance
We have a firewall that was purchased a few years back and we are trying to figure out if it is TAA compliant. The serial number of the unit is USE111NBQZ.
Cert Authentication Profile in ISE
Hello Greg, If I want to use below condition of cert like Common Name and OU what will be CAP Auth Profile config ? Specially Use Identity From Field in CAP ? I think I should only use Subject ? which will cover CN , OU. @Greg Gibbs
Resolved! ASAv in AWS Cloud,vpnUser traffic blocked from VPN to on-prem site
I set up an ASAv in AWS i configured an IKEv2 IPSEC VPN between is and my on-prem juniper SRX.i also set up anyconnect VPN gateway, using the same outside interface as the VPN gateway. VPN user authentication is supposed to go thru the IPSEC tunnel t...
Always on VPN - Anyconnect cannot confirm it is connected to your secure gateway
I am configuring always on VPN with TND on a Cisco ASA 5508, the client downloads the profile correctly, and correctly recognises when it is on a trusted network, however when we move to an untrusted network I get the error "anyconnect cannot confirm...
Monitoring of vFTDs in AWS with autoscaling
We've a customer who wants to deploy some vFTDs in AWS with auto scaling, most of this is ok but I'm stuck on how we monitor (ping, SNMP poll / traps & netflow) firewalls which both:Allocated IP addresses using DHCPAre auto created by scripting, so t...
Make Your Internet Routing Secure With A VPN
Hello guys! I have a brand that delivers its services all across the world. So, all of our transactions are made online. This is why I need to make my activities more secure. What should I do?
auto ugrade to secure client version 5.1.14.145
Dear Com ...Upgrades during Start-Before-Login (SBL) appear to occur twice and customization does not occur during initial upgrade. Also, a message box is'nt shown that states: "The installation was successful. Changes will not be effective until the...
Resolved! TACACS+ Authentication Succeeds on ISE but Fails on Switch
We have encountered an unexpected issue. Despite trying various troubleshooting methods, we have been unable to identify the root cause. We would appreciate expert guidance and recommendations.Problem SummaryWe are experiencing an issue with Cisco IS...
NAC using Hybrid Joined Devices with Entra and On Prem
Hello Greg, @Greg Gibbs If User Device is Entra Joined and Users are Entra Joined and AD Joined in other words Hybrid is this use case is tested with ISE ? Is there a reference document you can share ? If users are Hybrid joined can we still do NAC ...
| User | Helpful Count |
|---|---|
| 107 | |
| 25 | |
| 22 | |
| 11 | |
| 8 |
