Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect, Duo, Umbrella, Secure Access and more.
I'm trying to initialize IPSec tunnel to AWS basing on AWS instructions and it looks that ASA is not even trying to initialize connection.When I turned on debugging, it looks that ASA is in receiver mode (I see connection attempts from old site), but...
Hi,Is it possible to integrate Kandji MDM with Cisco ISE?I have been looking for guides but so far not found any.Our company uses Kandji MDM for the management of Apple devices and we want to integrate it with ISE to enforce NAC. I have just finished...
I'm learning the basics of FTD (FP1010) and doing some tests. Using FDM, I create an ACE Rule to block ICMP (any type, any network). It’s the first rule on top of other policies, setup as Block and log. I can see the rule being triggered if I try to ...
Folks, I have an old school question. I have a use case that I think can be well met by using the Easy VPN solution using "Network Extension Mode" as opposed to "Client Mode". Is this capability still supported on new ASA firewalls or IOSXE routers? ...
I have a question about ise license. I want to install ise 3.0 or higher version on vm. Does the basic license apply from 3.0 or higher? Or is it limited to 90 days?license
We've having some debate internally around when DNAC needs to log into ISE via SSH. In our environment ISE and DNAC are owned by 2 different teams thus we want to limit who knows what credential. What happened was because we learned that the SSH cr...
Hello Cisco ISE lover, Currently, I have an inquiry refer to posture process. As we have Pending and Complaint status for DOT1x (Supplicant) wired connection. Base on your experience, does Posture process will cause/delay/slow for window PC logon pro...
Hello,We have issue with ISE Posture happening only on Wireless network, let me give you details:We have DNA Fabric with cisco ISE and Wireless integrated with it, we also have Palo Alto global protect with enforce policyOn our infra we have Quaranti...
Hi AllWe are looking at replacing our ASA5545X with a new firewall.We have already replaced a smaller model with a Firepower managed in cdFMC within CDO, its working well.What are peoples thoughts, stay with the ASA code or move to Firepower?Also, th...
Environment is 3.3 patch-4. I have a configuration backup and an operation backup scheduled daily at 12am and 2pm, respectively. The operation backup is working fine but the configuration backup is NOT. I can manually backup the configuration from...
Hi all!Under site-to-site VPN, in the Advanced->IKE Policies menu option, we can see IKEv2 policies list.If we change the priorities will it cause downtime on any established VPNs?By changing priorities I mean negating configuration and applying new ...
Dear Cisco lover, We would like to seek your support on case not functional IoT device when we perform Closed Mode on cisco ise such the MAC addresss can't be learn on switch port. Once we configure on switch with Low Impact mode, the IoT device is ...
