About zachartl

zachartl · 04-09-2026

Hello,We've recently reviewed Cisco Field Notice Field Notice: FN74392 - Cisco Identity Services Engine: Impact on Secure Communications from Public CA Client Authentication EKU Changes Starting in May 2026 - Workaround Provided - CiscoWe've a four n...

zachartl · 12-19-2025

Greetings,We're planning to migrate our Cisco VPN ASA's to FTD Devices.Within the ASA's we currently utilize 3 Tunnel Groups (Connection Profiles). One External use (DMZ) and Two Internal.We've several ASA VPN Group Policies tied to our Active Direct...

zachartl · 09-05-2025

Hello,I need to remove a sub-interface and I need to add a sub-interface.I'm unable to do either. If I try to delete one of the sub-interfaces I find that there's no provision for it (no trash can icon). I'm unable to toggle the interfaces in Edit mo...

zachartl · 07-25-2025

Hello,We are receiving reports of some VPN Client users, who will get this error message (screen shot attached). We're not utilizing SSL VPN. We're utilizing the Cisco Secure Client version 5.1.8 This problem seems to occur when our users are in publ...

zachartl · 02-13-2025

Hello,We just configured Azure SAML MFA for Anyconnect VPN Access and it works fine. We utilize access-lists based on Microsoft LDAP Group Membership. We're using LDAP authentication too. I'm not seeing our Azure MFA Access recognizing or utilizing t...

zachartl · 04-10-2026

Good morning Mr. Jonasson,I've been under the impression that the Internal PKI CA had to be a member of the DNS Domain. I hadn't considered this perspective before. It would certainly be worth a try.Thank you for your input and my enlightenment.Warme...

zachartl · 04-10-2026

Good morning Mr. Bier,Thank you for the timely and concise response. I very much concur with the logic you provided. I will relay this information to our Team for discussion, and contemplation.Warmest regards, and our utmost gratitude.Terry

zachartl · 12-28-2025

Hello,Circling back around on this, We're planning to migrate and utilize SAML, Azure Entra for MFA within FTD/FMC configurations. We need VPN Client Authorization as we utilize split-tunneling and there, delineate network access provisions by way of...

zachartl · 12-19-2025

Hi Rob,I forgot to mention we're utilizing SAML (Azure Entra) for MFA, I would hope this wouldn't make a difference and that we could still leverage authorization. Thank you,Terry

zachartl · 09-06-2025

Hello Sid,The screenshot I shared IS From the FMC console, using the instructions you specified, Thank you. If I return to the FXOS GUI directly within the FTD, and attempt to delete the sub-interface there, the FXOS GUI tells me it cannot and that I...

Member Since	‎08-08-2005 01:13 PM
Date Last Visited	‎04-10-2026 05:00 AM
Posts	137
Total Helpful Votes Received	64

User Statistics

User Activity

Changing ISE Node Domain Name Suffix

VPN Default Group Policy Differences ASA versus FTD.

Unable to Add or Delete Subinterface/s Cisco FMC

Secure Access Clients Recieve EER_SSL_Protocol_Error

ASA VPN with Azure SAML MFA LDAP Group Membership

Re: Changing ISE Node Domain Name Suffix

Re: Changing ISE Node Domain Name Suffix

Re: VPN Default Group Policy Differences ASA versus FTD.

Re: VPN Default Group Policy Differences ASA versus FTD.

Re: Unable to Add or Delete Subinterface/s Cisco FMC