Security

Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect, Duo, Umbrella, Secure Access and more.

Browse the Community

Network Access Control

Cisco Identity Services Engine (ISE), Cisco Access Manager (CAM), Zero Trust Workplace

33438 Posts

Network Security

Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Ada...

72260 Posts

Duo Security

Get started with or get better at administering and using Duo by interacting with peers and experts!

3536 Posts

OpenDNS

Ask questions not covered by support articles and documentation.

3510 Posts

Activity in Security

Cisco Anyconnect "No Adapters"

Hello, we're running Cisco Anyconnect 4.2 NAC to connect to our VPN. I'm running into an issue where it's telling me that there are no network adapters. I've tried uninstalling/re-installing the network adapter drivers, Cisco NAC and I just can't get...

Dynamic Access Policy (DAP) - memberof

Hello Community, I have Active Directory successfully integrated with FMC. My goal is to apply a Dynamic Access Policy (DAP) to my FTD, where the DAP should match a specific Active Directory group and apply a corresponding access policy (for example, A...

Albertt by Level 1
  • 131 Views
  • 2 replies
  • 0 Helpful votes

FMC/FTD - Wildcard URL objects and use of the leading dot

Hi All, I've asked a question a few days ago on this 4 year old post but unsurprisingly haven't had any response so starting a new post. We had a requirement to allow wildcard access to a remote SQL server over tcp/1433, as the host portion of the des...

atsukane by Level 3
  • 61 Views
  • 0 replies
  • 0 Helpful votes

ASA boot/console logs to file

I'm planning to update the ASA and ROMMON software on an ISA3000. I've tested it in our lab first and during the testing I've been connected through the console port. This is nice as I can see what is going on during the reload processes. However, whe...

Galle by Community Member
  • 59 Views
  • 0 replies
  • 0 Helpful votes

Cisco ISE 3.5 Entra ID Authorization Problem

I have a PoC in my customer for Cisco ISE integration with Entra ID and currently I test it first on my lab. My customer only has Entra ID for the IDP and no on-prem AD. I use EAP-TLS and using ISE Certificate Provisioning Portal to generate endpoint c...

Not able to perform SSO in CISCO CSM

I’m configuring miniOrange as the Identity Provider and Cisco CMS as the Service Provider. SSO is almost working, but Cisco CMS fails when parsing the SAML response. After a successful login in miniOrange, the SAML response is sent to Cisco CMS, and CM...

Resolved! Integrating ISE with Azure Intune as MDM

Hello, I'm trying to use Computer authentication with Azure AD. As Azure AD only works with SAML, and ROPC only allows EAP-TTLS, i.e. user authentication, I'm looking into Intune as a MDM server. I've followed all the procedure here: https://www.cisco.com...

Kalipso by Level 1
  • 16735 Views
  • 29 replies
  • 5 Helpful votes

Resolved! FPR 2130: Troubleshooting ASP Drops

Hello, We have an FPR-2130 pair (Active - Standby) and I recently see increased ASP Drops (see attached image). It is supposed to be "Flow Denied by access rule, Flow Denied by configured rule". We need to understand better what this is about. How can ...

Resolved! FMC/FTD 7.6 Exempting Traffic from Packet Capture

Is there a way to exempt traffic from a packet capture on an FTD firewall running version 7.6? My situation is that I need to know what an ID sensor that sits inside the network (at 172.31.11.224) is sending traffic to. The problem is that the firewa...

benweber by Level 1
  • 277 Views
  • 4 replies
  • 0 Helpful votes

Resolved! Cisco ISE 802.1x EAP-TLS authentication with Entra ID

In our customer's existing environment, all PCs are joined to Entra ID and there is no infra on-premises now. They would like to implement new Wi-Fi with this kind of solution, but it looks very new for us and we have less experience. Therefore, may I ask in this co...

cuiL by Level 1
  • 2084 Views
  • 17 replies
  • 0 Helpful votes

Resolved! ISE OCSP Responder Certificate expiring

Hello, We have a couple of OCSP responder certificates expiring after 60 days. When I check the 'Issued by' column it has the name of one of the other nodes on it, which is the PAN. However, I am at a loss about how to go further to renew it. There ...

how config zeek log for cisco sna stealthwatch?

Hello everyone, I need to send zeek logs to Cisco SNA (flow collector). According to the Cisco manual: “Format: The zeek log generator must add the zeek_filename="xxx.log" tag before the JSONL string for the Flow Collector.” I need help about adding the...

alex dinoon by Community Member
  • 87 Views
  • 1 replies
  • 0 Helpful votes

PSA: Umbrella, DNS, and VPN Site to Site tunnels

Hope this helps someone. I went through a newly developed issue regarding Site to site tunnels. I had to make a new site to site tunnel between two sites. I routed all DNS through the tunnel to a DNS server on the other side until I could create a DN...

Lee Dress by Level 1
  • 111 Views
  • 0 replies
  • 0 Helpful votes