Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Cisco Community,[This is a duplicate post - I tried to re-post the original discussion, moving it from (VPN) to (Network Security) but...]We have an FMC managing a set of FTD's serving as RA VPN concentrators. We are using LDAP Attribute Maps to appl...
Cisco Community,We have an FMC managing a set of FTD's serving as RA VPN concentrators. We are using LDAP Attribute Maps to apply policy to user's Anyconnect VPN connections based on AD group MemberOf. Everything is good except we came across a sit...
Greetings,Using the FMC or CLI, how can I find the computer name of the device that an end-user is connecting from when they use Anyconnect client for RA VPN?FMC & FTD 4112's = 7.2.5Secure Client w/Anyconnect = 5.0.0540Thanks!
Hi,
CUCM: 8.6.2.22030-1
I have a PUB & 1 SUB and I'm having unexpected results when maxing out MeetMe resources. There is 1 MRGL for the main site (all testing conducted here). This MRGL consists of 4 MRGs: in sequence -> SoftwarePub, SoftwareSub, ...
Greetings,
I'm preparing to move CUCM & CUUC 10.5 clusters to a different subnet. They are running as guests on a ESXi host - the phyiscal server will also be moved to the new subnet. I have IP change documentation for the CUCM. I was hoping to s...
@tvotna thank you for the very helpful details!I took a look at the CSC's. It would be great for this to have a clean resolution - buildout would be efficient with predictable results. I had 3 different resources provide guidance to the effect that...
Thanks MHM, This is the guide I used to confirm that the LDAP Attribute Maps were built correctly, using the memberOf Attribute map.The issue is that some users are going to have multi-group correlations.
Marius, thanks for the feedback! I reconfigured Attribute Maps in a top down fashion and it did not result in a first match as I hoped.Testing showed that a group policy which was third in line from the top was applied to the user although the user ...
@Rob Ingram yes, very much agree. That is being discussed and prepared but is not available for all devices. There is a mixed pool of W10, W11, MAC OS, Linux, Android & iOS.. so the domain join is something that needs to be worked through for some o...
@Rob Ingram The device UUID would be another way that can be used to check that users are only logging in from trusted/managed devices. The Client Name/local computer name data was intended to be used to flag any device that doesn't follow the organi...
