Activity in Security
Cisco FTD VPN access / Geolocation block for Control Plane
We have Cisco FTD 2110s that are managed with FMC and we are trying to figure out how to block access to our remote access VPN by IP. We already have a geolocation block for Access Control in FMC. But, are we still not able to do geo-ip-based restric...
FTD Route Based VPN question
HiI have a static Route Based VPN and am wondering if I create a loopback interface on the FTD is there a way to allow this IP over the VPN to test the VPN or generate some traffic from the FTD across the VPN ?? Thanks
Cisco ISE
Hello,I need to renew a certificate that is expiring soon, which is used for Admin access, EAP authentication, and RADIUS DTLS.This certificate is signed by our internal certification authority.I generate a CSR and sign it with our certification auth...
Query on Cisco ISE 3.2 patch 9
It looks like Cisco took quite long time to release patch 8 for ISE 3.2, it was release at end of November 2025.Now they release patch 9 on Dec 2025. Was there issue with Patch 8. If current system is on patch 7 can we install patch 9 directly ?
Slowness after using ECMP
We have a 3110 with version 7.6 managed by FMC 7.6. The flow is User >> WLC >> Core Switch >> Cisco FTD >> Internet Switch >> ISP Router 1 & ISP Router 2. On FTD we have created sub-interfaces of 10 Gig link and we have two 1 Gig links from ISP. We a...
PassiveID problems
Hi there,Im having som trouble setting up PassiveID in a new ISE install.ise version 3.4 patch 4I have 3 nodes, all of them have passiveid enabled, and i can see the service running in cli with 'sh app stat ise'in the ise passiveid-agent.log i see th...
FTD over Remote FMC - 2 FMC Setup
Hi All, I'm in bit of a pickle here as I have a task at hand that has 2 FMC's and 2 FTD's present: Below is the scenario; In an existing setup that constitutes of a FMC(VM) and local FTD's deployed in HA, lets call them FMC-A and FTD-1) are in produ...
How does BGP flowspec work
Hi AllI am aware of BGP flowspec, you have a server (flowspec controller) and clients which are the bgp neighbors to the controller?How does it actually work in practice? do all the ISP routers send netflow information to the controller and based on ...
Resolved! New ISE node not showing any TACACS logs
I had two ISE VM nodes running on 2.4 ( no patch) with in sufficient resources. I was getting multiple alarms.I made one node primary for both Admin and MnT personas and de-registered the second node. Then I registered a newly created VM node with su...
Issue with resolving DNS for boostbadges.com
Our school is protected by Cisco Umbrella Web filtration and DNS pointing at their resolvers of course. I white listed the domain but we still can't reach it. Using a different network that does not have the filtration, it works.Anything else that mi...
ISE cli admin removed after upgrade to 3.4?
I'm in the middle of configuring a new set of ISE servers, and I found that after i upgraded from 3.3 (wich the hardware came with) to 3.4 i could not log into cli any longer. GUI was working fine. So i do the admin password recovery and it tells me:...
Resolved! Cisco Firepower 1010 - Issue with Software Image
I am experiencing an issue with the software image on a Cisco Firepower 1010 device. After performing a factory reset, I accidentally erased disk0:, which resulted in the loss of the system image. As a result, the device can no longer boot and is cur...
RBAC in ISE via SAML from EntraID
We have enabled SAML login in Cisco ISEwith the identity source from Entra ID Groups, and that works very wellThe issue comes when assigning RBAC rules to the internaly mapped groups, because if we assign ReadOnly data Access to a groups along with t...
Annyconnect ISSUES ON Cisco 2901 router
Dear Community Members.,I am having issues with my Cisco anyconnect VPN :The VPN suddenly stopped working with an error message of Expired License:Below is the Content of the Directory: ANYCONNECT_CYB#dirDirectory of flash0:/1 -rw- 104193476 Mar...
Service Unavailable error when logging into Cisco ISA-3000 FTD web UI
Hi everyone,I’m getting a “Service Unavailable” error when trying to log in to the web UI of my Cisco ISA-3000-4C-X running FTD 7.0.1 (build 84).Message shown:“Service Unavailable. The server is temporarily unable to service your request due to maint...
| User | Helpful Count |
|---|---|
| 64 | |
| 24 | |
| 22 | |
| 7 | |
| 6 |
