Activity in Security
FTD to AWS VPN gateway IKEv2 phase 1 lifetime mismatch
I've created a VPN successfully from a Cisco FMC managed FTD (v7.4.2.4) to a AWS VPN gateway, but am having issues as the IKEv2 phase 1 SA lifetime doesn't match. The AWS side always uses 28800 and I've configured a policy on the FTD to use 28800 se...
ISE Upgrade Incident Summary
ISE Upgrade Incident SummaryOverview: ISE 1 and ISE 2 were upgraded from version 3.3 to 3.4. The upgrade did not go smoothly because the upgrade on ISE 2 failed partway through.Timeline and ObservationsPre-upgrade: The bonded interface for Gi0 was do...
Sievechar feature not working for LDAP queries with separators
Hello,We enabled the Sieve Email filtering feature that allows LDAP to accept/routing queries when email addresses contain separators (jdoe+123@cisco.com = jdoe@cisco.com) . This is not working since the ESA appliance still sends the whole email addr...
Anyconnect VPN server certificate error
We have an ASA that we use just for our VPN and we use Cisco DUO on it for MFA. This is all setup and working for our Windows users, but once I upgraded the Cisco Secure client version to 5.1.14.145, it broke for our couple of MacOS users. If I switc...
ASDM privileges via ISE cisco
Hello,I would like to grant an administrator read-only access limited to Access Rules, NAT Rules, and Objects via ASDM.I have already configured TACACS+ authentication and authorization using Cisco ISE, however I’m struggling to identify the exact sh...
AMA-What's New with Cisco Secure Firewall and Upgrade Best Practices
Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from Wednesday January 14, 2026 through Friday January 23rd, 2026. Our colleagues Annya Martinez, Jyhan Ocana, and Scott Nishimura will be waiting to assist you and r...
Resolved! Executing vault recovery process to resolve vault issues on ESAs
Hello,Does anyone know how can I find out if the ESAs I'm about to upgrade have encryption enabled or not, related to the vault recovery process?The documentation seems vague and only mentioning encryption as a whole. Is it FIPS encryption? Is it app...
0-Day in ESA/SMA CVE-2025-20393
Good afternoon. Cisco published a severity 10 CVE today for ESA and SMA. This only applies if the Spam Quarantine is exposed to the internet. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4 Ba...
Resolved! Need help assessing my level of vulnerability to CVE-2025-20393
I am looking for instructions to confirm my level of vulnerability to CVE-2025-20393. Online they keep telling me to go to Network>IP Interfaces. However, I don't see IP Interfaces under Network on either my ESA nor SMA. I know we are using a spam...
Zero Day Vulnerability with CVE‑2025‑20393
Which version is affected by this zero day vulnerability with CVE‑2025‑20393
Resolved! CSCws36549 - Reports About Cyberattacks Against Cisco ESA and SMA
Hi @ all, I am a bit confused, as "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCws36549" ( Last Modified Jan 05, 2026) states following Known Affected Releases:16.0.1-01016.0.0-19515.5.1-02415.0.0-012 , while "https://sec.cloudapps.cisco.com/sec...
TACACS+ Authentication Succeeds on ISE but Fails on Switch
We have encountered an unexpected issue. Despite trying various troubleshooting methods, we have been unable to identify the root cause. We would appreciate expert guidance and recommendations.Problem SummaryWe are experiencing an issue with Cisco IS...
Authentication failed due to problem navigating to the single sign-on
HelloPlease HelpProblem connecting to VPN on Ubuntu in my case version 22.04.I am using Cisco AnyConnect Secure Mobility Client Version v4.10.07073 and v4.10.08029Authentication is done through SAML authentication.The login page through anyconnect do...
Cisco FlexVPN anyconnect VA MTU change
Hello ,I configured FlexVPN IKEv2 Remote Access VPN as guided herehttps://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.html#toc-hId-936641904I started to notice I have issue loading the webpages su...
Resolved! Tunnel to Palo Alto keeps going down
Verified configurations in the Palo Alto. The router has the crypto-map, transform-set, and keyring. I keep seeing syslog messages stating %CRYPTO-4-RECVD_PKT_INV_SPI from the source of the tunnel that keeps going down. The amount of time in-between ...
| User | Helpful Count |
|---|---|
| 66 | |
| 25 | |
| 24 | |
| 9 | |
| 7 |
