Security

Changed pxgrid behaviour for FMC 7.2 -> 7.6?

Yesterday I upgraded an FMC from version 7.2.10.2 to 7.6.2.1. The FMC have a pxgrid connection to an ISE. After the upgrade i get a health monitor error to check connectivity to ISE. A test in identity sources on the FMC show no errors. Pxgrid servic...

YouTube.com bot warning message for Secure Access SWG

Update, May 1st 2025: We are receiving reports from customers still experiencing this issue. We are investigating and will post updates here. We are currently investigating an issue affecting YouTube.com, where users are encountering a prompt to "Si...

Passwordless lets you in even if AD creds are locked out

Hi We are having some issues with a FTD VPN setup where we get certain errors after authenticating but in trying again it lets you in. I have a case open with Cisco but they are very slow to respond. We found that if the user locks out their account...

ERROR: Memory allocation failed

Dear Specialist,I am running IOS version 8.0(5) in cisco ASA 5520. This issue i am facing is that when the memory utilzation reaches 49 percent, the web-vpn users are not able to login as they are getting a blank page. The only error which is getting...

Proxy ARP on Cisco FTD

Summary:Proxy ARP is enabled by default on all ASA/Firepower interfaces, but it generally comes into effect only when NAT is configured. Under normal circumstances, when traffic flows between a source and destination located behind the same FTD inter...

IP phone endpoint not getting a DHCP offer on a closed port

Hello all,We recently encountered an issue demoing phones from HP Poly. These devices were added to an endpoint identity group in ISE associated with a policy to allow network access and they fail to get an IP address on closed ports. The RADIUS live...

ISE - What we need to know about TLS

IntroductionTLS on Cisco ISESettingsCompatibilityIdentify the TLS versionParticularitiesVersionsCiphers ListPortsTLS 1.0 or TLS 1.1TLS 1.2TLS 1.3Bug IDsCSCvv02086 Add ability to disable TLS 1.0 and 1.1 on ISE PIC NodeCSCwj60692 TLS is restricted to...

Cisco ISE related Vulnerability (CVE-2025-20343)

IntroductionSummaryWorkaroundAffected Products & Fixed SoftwareReferences The Portuguese version of this Article can be found at: Vulnerabilidade que afeta o Cisco ISE (CVE-2025-20343) . For an offline or printed copy of this document, simply...

A New Identity Framework for AI Agents

We are all experiencing the rapid proliferation of autonomous AI agents and Multi-Agent Systems (MAS). These are no longer AI chatbots and assistants; they are increasingly self-directed entities capable of making decisions, performing actions, and i...