Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are, and have been seeing what I am interpreting as password spray attacks when viewing the VPN "Troubleshooting" logs within FMC. We do have webvpn enabled and are using DUO as MFA. We have configured only specific users within one AD group to be...
Hello!We have RADIUS via AD set up to ssh into our ASA's with a failback to local if RADIUS is down. I want to be able to use both RADIUS and LOCAL accounts at the same time, even when RADIUS is up. How can I accomplish this? Current config:aaa-serve...
Hello,I am using the following guide to set up AD external authentication over TLS and getting the following error: Opening connection to LDAP server - XXXXXXXXXX:389 - ldapCurrent TLS Require Cert: 4Current TLS CACERTFILE: /var/tmp/HsmvFZQrBM/temp0....
Hello, Sorry in advance if this is not the correct thread to post in. We are currently migrating over to Auvik from Solarwinds NCM and running into a bit of an issue. We have one AD account that is being used as CLI creds for all of our switches and ...
Hello! Does anyone know if it is possible to set up an email alert for when a user logs into an Anyconnect VPN session? Can this be configured on the FTD/FMC? Thanks
So based on document posted by Cisco https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-defense/221806-password-spray-attacks-impacting-custome.html I decided to create a sinkhole LDAP server and applied it to the DefaultWEBVP...
Thank you for the reply,Basically, we use Auvik for monitoring and config backups. Auvik needs an account to ssh into the ASA's and we have been using an AD account via RADIUS but this account keeps getting locked out. Auvik support is unable to figu...
Hey Aref, Thanks for the reply. SSL uses port 636 but TLS uses 389 using STARTTLS, so that's not the issue. It had something to do with the root cert I was uploading, wish I could say what it was but it finally took and is working properly. Thanks!
