Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I deployed AMP for endpoint to a test machine following Cisco's Deployment Strategy guide for AMP for endpoint.
This guide recomends creating an Audit Only, Protect, Triage, Server and Domain Controller policy and the same for groups. It also recom...
I've deployed a Cisco S100V Web Security Virtual Appliance running AsyncOS 9.1.1 for Web build 074 as described in the following document (250 GB Disk, 6 GB RAM and 2 cores). We also applied the timing quirks fix in the ESX host.
Cisco Content Secur...
I've deployed a Cisco S100V Web Security Virtual Appliance running AsyncOS 9.1.1 for Web build 074 as described in the following document (250 GB Disk, 6 GB RAM and 2 cores). We also applied the timing quirks fix in the ESX host.
Cisco Content Secur...
It looks like ~24h after the changes. The client and the console updated automatically.
Checking at the console events, the agent fecthed the policies on 01/10 and 01/11 but only the one from today (01/11) made the change.
Hello Walter, Is the remote end 78.6.254.7 encrypting traffic?Is this encrypted traffic from the remote end reaching the ASA? *outside captures can help you answer this questionIs the ASA droping traffic from 10.168.0.85? *ASP captures can help...
Hello baskervi, If I understand correctly, when the issue happens (no communication between x.x.118.31 and 10.7.2.54), phase 1 and phase 2 remains up but according to the logs they are trying to negotiate this phase 2 SA again. Setting the logs to d...
Hello baskervi, - When there is not communication between the hosts, is Phase 1 or Phase 2 down?- Is there any log error when the issue happens? - What's your phase 1 and phase 2 lifetime configuration?
Hello howithink, If you do captures in the client, were are the DNS queries going to?Doing captures in the ASA, can you see this DNS queries?Does the issue happen when using Cisco AnyConnect?
