About xbill42

xbill42 · 07-22-2020

Hi, I have a Firepower in ASA mode (9.14) for anyconnect VPN and cisco ISE for posture (Apex license). I am trying to find if there is an option to force the VPN session to disconnect if the posture is not compliant. For the moment when the PC is not...

xbill42 · 07-21-2020

Hi, I'm creating a new ISE 2.6 distributed deployment. Now I'm trying to understand what I need to configure in order for the PSN to send their logs to the MNT.I want to use another interface than the Gi0 for that trafic.Do I need to configure a remo...

xbill42 · 06-19-2020

Hi, I'm trying to find how to change the default folder for Anyconnect profiles to something else than the folder inside %ProgramData%.Is it possible to put the .xml profile config and the ISEpostureCFG.xml in C:\Program Files (x86)\ or maybe elsewh...

xbill42 · 05-05-2020

Hi, I have configured ASA VPN with anyconnect and posture with ISE.The anyconnect client and config will be preinstall on PC (no self download or install with msi) I am confused with the different package and profiles that must be upload on ISE and A...

xbill42 · 05-04-2020

Hi, The documentation specifies that we can backup PAN and MNT. The backup should contains "both application-specific and Cisco ADE operating system configuration data." - Does this backup includes the config done during the wizard after booting the ...

xbill42 · 08-12-2020

Hi, The Session-Timeout is not taken into account by the ASA, I don't see the max session value changed after receiving the COA.The DACL is received on the other hand.I'll try to push a whole group-policy with a short max session timeout. Best regard...

xbill42 · 08-07-2020

Hi, I tried the access-reject option, but this triggers an error on the anyconnect side, something like unknown interruption error : general error.I've also contacted TAC for this and they responded that it is impossible to disconnect the tunnel if t...

xbill42 · 07-23-2020

Hi, We check for specific running process on corporate computers. If the process is not running it means that the client corporate computer is not configured properly or have a big problem (they would have to call the IT support and maybe bring their...

xbill42 · 06-25-2020

Hi, For your information, Cisco TAC confirmed that the folder parameters are static and suggested a feature request via sales. Best regards

xbill42 · 05-05-2020

Hi, So only the anyconnect package is mandatory in the ASA disk. No need to upload the compliance module and the xml profiles (already uploaded in ISE) ? If I want to upgrade anyconnect, do I only need to update the client provisioning on ISE (keep t...

Member Since	‎03-25-2020 02:36 AM
Date Last Visited	‎08-13-2020 03:32 AM
Posts	20
Total Helpful Votes Received	5

User Statistics

User Activity

Disconnect anyconnect vpn if ISE posture not compliant

ISE configure logging from PSN to MNT

Change the default Anyconnect profiles Folder on Windows

Anyconnect packages and profiles installation on ASA and ISE (for posture)

How to properly backup ISE PSN

Re: Disconnect anyconnect vpn if ISE posture not compliant

Re: Disconnect anyconnect vpn if ISE posture not compliant

Re: Disconnect anyconnect vpn if ISE posture not compliant

Re: Change the default Anyconnect profiles Folder on Windows

Re: Anyconnect packages and profiles installation on ASA and ISE (for posture)