About raymng

raymng · 08-16-2024

Hi there,I am setting up a new Firepower to be used solely for Remote Access VPN purpose. One interface pointing to the external network, and one interface toward inside network. All AnyConnect VPN traffic would be pointing to another internal fi...

raymng · 07-26-2024

Hi there,I am using a Firepower 3110 to setup Remote VPN services for AnyConnect users. When I editing a VPN group policy (from FMC web UI), there is the "Client Firewall Rules" setting under the "AnyConnect" tab, and the "Traffic Filter" under the ...

raymng · 12-22-2022

Hi there,Read the Admin guide about the endpoint purge policy but can't find answer.There are several endpoint groups that I want to purge endpoint older than 15 days. I know about using the "ElapsedDays GREATHAN" conditions. The "ask" is if I can ...

raymng · 05-21-2012

Hi,I would like to better understand conceptually how does "AnyConnect with Certificate authentication" work.I have been doing AnyConnect with external radius server authentication, but never try certificate auth.My perception is that we would genera...

raymng · 04-02-2012

Last week, my ASA log was filled with following type of syslog message:%ASA-3-722035: Group User IP <208.79.108.41> Received large packet 1374 (threshold 1280)It appears all of them are from the same user. I talked to the user and the user didn't ...

raymng · 08-19-2024

thanks. I will do some testing myself to ensure I fully understand your info. Currently, I have VPN bypass enable.

raymng · 07-12-2012

I am the original poster. We made some good progress with help from Cisco TAC.As to your question, do you actually mean installing MS CA root cert onto the ASA so ASA can authenticate the client cert presented by remote user machine? If so, this is...

raymng · 03-06-2012

Under EAP-TLS, does the wireless login process involved user authentication beside client certificate? One of the primary trigger for us to look into this option is to get a two-factor authentication setup for the wireless network.Thanks.

raymng · 12-22-2011

Thank you both for your input.Dave, thanks for the note about what ASA cannot do. Fortunately in my case, I won't need to worry about these limitation in this case, but it is good to be aware of them for future case.

raymng · 10-06-2011

Thanks for this post. Reading this and people 's response let us solve this same problem in our environment, which is on AnyConnect v2.5. I agree that it would be helpful if the Cisco doc would mention about Machine Cert storage. Indeed I have a ...

Member Since	‎02-11-2002 12:44 PM
Date Last Visited	‎08-26-2024 05:22 PM
Posts	26
Total Helpful Votes Received	5

User Statistics

User Activity

Access control policy in the Remote Access VPN Firepower

AnyConnect VPN - Traffic filter vs Client Firewall Rules

ISE 3.1 - Purge Rule for multiple endpoint groups

AnyConnect and Certificate auth

AnyConnect VPN and syslog message ASA-3-722035

Re: Access control policy in the Remote Access VPN Firepower

AnyConnect and Certificate auth

Re: WLAN using EAP-TLS

Re: Elminiate Internet border router with ASA

Anyconnect v3 SBL not working