About leciscokid

leciscokid · 08-22-2018

I'm sure I have run across this and just don't remember. But, is there a simpler way to hide the "browse networks" link, for instance, on the Clientless SSL portal, other than fully customizing the portal's HTML content to exclude those links ?

leciscokid · 02-06-2017

Does anyone have a homebrew, or public facing doc on how to perform a recovery of a 4100 series appliance ?I have a doc that traces the steps to perform this manual RomMon based update of a 9300, and based on the similarities in the architecture, It'...

leciscokid · 05-31-2016

Is there any sizing guidance available for number of maximum NAS or concurrent TACACS Authorizations into an ISE Deployment ?I have (2) clients who wish to deploy stand alone ISE deployments specifically to replace ACS TACACS deployments.ACS was lice...

leciscokid · 03-18-2013

Attempting an install for our lab environment, to demo this product.PlatformUCS C210 M2 - ESX-5.0.0 Enterprise Plus24GB RAMBoot Volume - 131 GB Raid-1VM Volume - 880 GB Raid-5Vcenter 5.0.0 U2 - on Win 2K8 R2 EnterpriseI get the attached error creatin...

leciscokid · 07-10-2008

Is this possible ?Has anyone successfully run the CSA-MCon a windows 2003 virtual server instance ?Any pointers, or direction is appreciated

leciscokid · 02-15-2017

TTT,Has no one touched a 4100 yet ?

Re: FirePower ASA user to IP mapping · 02-06-2017

Hrvoje,Actually It depends on what you're specifically trying to solve for.Firepower and FPMC arrive at a "user to IP Mapping" in one of a myriad of ways. Either passively by looking at network traffic such as IMAP, SMTP, HTTP, etc.Or actively (autho...

leciscokid · 02-06-2017

Use a signed certificate that only trusted clients trust, in their root store, for Server Auth. (aka set the servers to require TLS)Client's attempting to brute force will get a NAG due to untrusted cert. So for instance, even if they wanted to self-...

leciscokid · 02-06-2017

If you're only managing security policy on the ASAs (Layer 4 type policy, five-tuple ACL and NAT , VPN) you're really better off with CDO.http://www.cisco.com/c/dam/en/us/products/collateral/security/defense-orchestrator/at-a-glance-c45-736943.pdfIf ...

leciscokid · 02-06-2017

You can essentially set them all to the same security level and use the system command which allows traffic to traverse interfaces with the same security levels. Just go into your int config, give them all a nameif, and then set their security levels...

Member Since	‎06-24-2008 04:02 PM
Date Last Visited	‎05-03-2023 08:56 AM
Posts	51
Total Helpful Votes Received	23

User Statistics

User Activity

Modify links on Clientless SSL Portal, without full custom Web Page

Firepower 4100 4120 System Recovery

ISE Device Administration NAS limit

WebEx Meeting Server OVA install issues

CSA-MC on 2003 Virtual Server

Re: Firepower 4100 4120 System Recovery

Re: FirePower ASA user to IP mapping

Re: RDP Account brute force attempts

Re: Firepower Management Center

Re: ASA 5506 Security Levels