About raymng

raymng · 02-05-2025

Hi there,We recently install the Cisco Security Cloud App for Splunk.I configure the eStreamer services on our FMC (ver 7.4.2.1).I am seeing Connection Events in Splunk.According to this article:https://www.cisco.com/c/en/us/td/docs/security/firepowe...

raymng · 10-18-2024

Hi there,I want to know the IP pool usages on the Firepower for Remote Access VPN users.From the CLI (via system support diagnostic-cli), I can do:show ip local pool [pool name] The 'ask' is if there is other ways to get this info?Does this info avai...

raymng · 08-16-2024

Hi there,I am setting up a new Firepower to be used solely for Remote Access VPN purpose. One interface pointing to the external network, and one interface toward inside network. All AnyConnect VPN traffic would be pointing to another internal fi...

raymng · 07-26-2024

Hi there,I am using a Firepower 3110 to setup Remote VPN services for AnyConnect users. When I editing a VPN group policy (from FMC web UI), there is the "Client Firewall Rules" setting under the "AnyConnect" tab, and the "Traffic Filter" under the ...

raymng · 12-22-2022

Hi there,Read the Admin guide about the endpoint purge policy but can't find answer.There are several endpoint groups that I want to purge endpoint older than 15 days. I know about using the "ElapsedDays GREATHAN" conditions. The "ask" is if I can ...

raymng · 02-20-2025

Hi @elliot_adlerson Not sure if I understand your ask. Currently, I have no rules specifically for VPN users to inside network. I do have rule to allow internal network to reach the VPN IP user range, such as allowing SCCM server to reach out user ...

raymng · 10-21-2024

Hi there,Unfortunately we don't use DHCP services, but use local IP pool built on the firepower to provide IP assignment to AnyConnect use.The current command "show ip local pool" give us what we need (how many IP allocated, and how many are still av...

raymng · 10-21-2024

Thanks Kasun. Guess the answer is a no, that you are not aware any easy solution to monitor how many IP in the local IP pool has been allocated.

raymng · 08-19-2024

thanks. I will do some testing myself to ensure I fully understand your info. Currently, I have VPN bypass enable.

raymng · 07-12-2012

I am the original poster. We made some good progress with help from Cisco TAC.As to your question, do you actually mean installing MS CA root cert onto the ASA so ASA can authenticate the client cert presented by remote user machine? If so, this is...

Member Since	‎02-11-2002 12:44 PM
Date Last Visited	‎04-04-2025 01:02 AM
Posts	31
Total Helpful Votes Received	8

User Statistics

User Activity

Firepower eStreamer and Cisco Security Cloud for Splunk

Firepower VPN local IP Pool usage

Access control policy in the Remote Access VPN Firepower

AnyConnect VPN - Traffic filter vs Client Firewall Rules

ISE 3.1 - Purge Rule for multiple endpoint groups

Re: Access control policy in the Remote Access VPN Firepower

Re: Firepower VPN local IP Pool usage

Re: Firepower VPN local IP Pool usage

Re: Access control policy in the Remote Access VPN Firepower

AnyConnect and Certificate auth