Activity in Security
Removing System Manager Windows Device Profile Remotely
Now that SM is no longer supported, is there an easy way to remove the Windows device profile remotely, so my devices can join another MDM?I can remove the SM Agent, not a problem. But the "Settings > Accounts > Access work or school" profile is not ...
SBL FTD (FMC)
Hello Team,I've noticed that SBL is no longer available starting with version 5.1.13.xxx of the Secure Client Profile. If I want to enable this feature, how do I do it?
DVTI with Digital Signature on Cisco IOS
I need some help regarding the configuration of DVTI using Digital Signature. I tried with PSK and it worked just fine. But with Digitatl Signature I'm getting some serious trouble here. I'm missing just one command which is the crypto keyring but I ...
FTD locally managed - ACME
Hi,today i installed FTDv (SW 10.0) in my CML to check, if there is a possibility to get a certificate via ACME. With FMC this should be possible but I cannot find a possibility in th FDM.I also cannot find sth. in the guides.Does someone hav a solut...
Why are elephant flows classified as security-related connections?
Hi,I just noticed some elephant flows under security-related connection events. Is this correct? We have elephant flow detection enable, but I am not sure if they should be classified as Security-related and not just normal connection events?Thanks/C...
Who do I contact? Entire IP is being blocked
I am not a Cisco customer, I currently have 3 customers who are not able to get mail from my company. This has started affecting business, I need to get into contact with anyone that can explain why our IP has been blocked at a higher level that the...
Network - Security
Dear Support,I would like to configure Cisco Firewall 5525 to allow traffic from Rusk desk Remote Desktop from external network (outside company domain). The current configuration are as below:a. Service Objects/Groups - Add port 21115 to 21119.b. Ne...
Map certificate value on ASA to CiscoAVpair for ISE
Hi,Im looking for possibility to map endpoint certificate value "SAN:URI Intune ID/GUID" that will be used on ASA Remote VPN for client authentication and due to Intune MDM integration I need to send this SAN certificate value as CiscoAVpair/mdm-tlv...
Windows 11 EAP-TEAP "Action Needed" to Sign in
I know this might be a windows issue but I figured I'd ask in case anyone has had this experience.Main Issue: Using EAP-TEAP GPO (Windows Server 2022) for Windows 11 devices, clients are able to use the machine cert to auth with no issues. Once the u...
RAVPN request control
I have a remote access VPN with the following scenario.I have FTD virtual managed by FMC (version 7.7), Cisco ISE radius AAA (version 3.4), external radius server (Microsoft NPS) for multi-factor authentication (MFA). User send the credential to FMC-...
AnyConnect MFA using Microsoft Entra
Hi Guys,I was able to set up MFA for AnyConnect using Microsoft Entra ID. However, I encountered an issue in a multi-tunnel environment.Entra ID requires a unique application configuration for each tunnel. So, if you have multiple tunnels such as Spl...
Secure Access Always On
Hello everyone,We are currently conducting an Always On Test in Secure Access. When the PC is turned on, all internet connectivity is blocked, and after enforcing SSL VPN, the internet becomes available once the VPN is connected.In the VPN profile se...
Changing Cisco MFA from Microsoft Authenticator to Cisco Due
Hello Cisco Community,I changed my phone and want to remove access to my old Microsoft Authenticator used for Cisco MFA login. My MFA setting is enforced, and I cannot disable or modify it from the account security page.Kindly support to reset my MFA...
Aggressive Mode with SVTI
Spoiler Is it possible to configure Aggressive Mode with SVTI?? I've tried but still it jumps back to Main Mode. Is there something I'm missing here?? I thought it would be a great opportunity to see the packets since I've also included Digital Sign...
Resolved! Automating imaging using ISE profiling
I am attempting to automate the imaging process in an environment by utilizing ISE profiling.I have the following pieces working as expected:Using the DHCP probe with the dhcp-class-identifier STARTSWITH PXEClient:Arch:. The endpoint MACs move to a ...
| User | Helpful Count |
|---|---|
| 93 | |
| 18 | |
| 11 | |
| 9 | |
| 6 |
