About Heino Human

Heino Human · 02-14-2021

Hi guys, I just upgraded our ACI infrastructure from 3.2 to 4.2. Now our security scan system within our network has alarmed stating "The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0" How would I disable this in the API...

Heino Human · 01-27-2021

Hi guys, I'm a bit confused in why we would use two signed certificates for anyconnect VPN to establish a trust point on the outside interface of the firewall. If look at the below article and follow the steps, it would go like this. 1. Create a CS...

Heino Human · 09-23-2020

Hi legends, I have just completed setting up RAVPN with MFA, one with Yubikey and one with Microsoft Azure NPS. The MS option is for general staff and the yubikey is for IT support staff. This is what the customer requested. Now, they would like VP...

Heino Human · 09-10-2020

Hi guys, We have a couple 9300 FTDs managed by a single 4600 FMC. We are getting a second FMC in a few weeks and wanted to know how would I add it to the existing setup? I can't find anything on Cisco's website. What I'm thinking is: 1. Restore th...

Heino Human · 08-13-2020

Hi Legends, I'm a bit stumped and trying to find a solution on parsing credentials when users authenticate via VPN/ISE and then trying to access data centre services. Our setup is as follows VPN USER > AnyConnect > FTD at the internet edgeOnce user...

Heino Human · 12-15-2021

hey mate How do you see the events for those "Log4j" logs?

Heino Human · 03-21-2021

Hi guys, For anyone else who might run into this issue. With version 4.2 Cisco has opened port 8989 to the OOB mgmt network. Once I created a filter to block traffic to the OOB mgmt network on port 8989, our security scans failed to see the open po...

Heino Human · 03-08-2021

Yes, that is one of them. I should mention, this is only on port 8989 for SSLv2 and 3. I have raised a case with Cisco TAC on this. I can't find any documentation related to it anywhere. Once I get an update, I will share it here. I did run netstat c...

Heino Human · 02-22-2021

hi Marcel, Yes, I have looked there, but there is no option to enable/disable SSLv2 or 3. I have raised a TAC case for this and just waiting on our Cyber ops team to provide their details to TAC on how they found the APICs responding to these servic...

Heino Human · 01-27-2021

That is not a subnet, its a port number, in your case SSH

Member Since	‎09-03-2012 08:31 PM
Date Last Visited	‎12-15-2021 05:50 PM
Posts	37
Total Helpful Votes Received	20

User Statistics

User Activity

How do I disable SSL 2 and 3 on APICs

SSL Certificates for AnyConnect VPN

VPN from internal campus network to DC network.

Adding a second FMC to a production FMC with FTD deployment.

Parsing credentials from anyconnect through the network.

Re: Query regarding Snort rule/FMC upgrade against Log4j vulnerability

Re: How do I disable SSL 2 and 3 on APICs

Re: How do I disable SSL 2 and 3 on APICs

Re: How do I disable SSL 2 and 3 on APICs

Re: where is my mask mismatch?