Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I understand that the management VPN tunnel is supposed to automatically connect when the Windows PC is powered on and boots to the Windows login screen.Does it automatically disconnect after the user signs in or does it stay connected after Windows ...
Which version of IOS patches this advisory?Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability I can't find any IOS XE version released around the date of the advisory. The newest version I ...
If you don’t use IPV6 on your corporation network, but users have IPV6 through their ISPs, what are the best ways to handle this when using AnyConnect VPN? We currently use split tunnel AnyConnect set to drop all IPV6 traffic. This works fine for mo...
If we are not using web VPN or the web interface to install clients, does the cryptographic settings on the web site affect the security of AnyConnect client use in any way? The SSL Labs site has warnings about the site supporting TLS 1.0 and not sup...
We have devices using AnyConnect 4.x for VPN. We want to start finding and screening out unmanaged devices. I have heard that configuring posture assessment to check devices for existence of certain files, installed software or registry keys can be...
Why does it list another old vulnerability by name, but not mention this vulnerability by name?Why is it difficult to just post a list of versions that are patched against the vulnerability right in the advisory or else post a link in the advisory to...
I still don’t have an answer.Even after entering a version number, being redirected to another page with a captcha and then completing the captcha, the results didn’t say whether or not the version is safe from the vulnerability. Instead it only re...
I still don’t have an answer.Even after entering a version number, being redirected to another page with a captcha and the completing the captcha, the results didn’t say whether or not the version is safe from the vulnerability. Instead it only refe...
Why not just list the minimum version numbers plainly? No need to hide it behind a puzzle or CAPTCHA exercise.A simple list of affected or patched versions would make sense or just say “upgrade to at least ‘X’ version or higher to address the vulner...
The users have both IPv6 and IPv4 going at the same time or they would not have any ability to reach the VPN host since it has an IPv4 public address.The purpose of the full tunnel is for security controls to prevent data exfiltration. So, we do not ...
