Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Good evening, is there a way to create a policy in ISE where it automatically adds the source IP address of repeat failed authentication attempts to a block list? If someone was running a dictionary attack against one of our VPN gateways (ASA), I w...
Good morning, we have a large deployment of geographically dispersed Anyconnect VPN access where roughly 2000 users connect remotely each day. For security and resource preservation, I have the VPN connection timeout configured for 12 hours. Afte...
Hi all, I have a Firepower 2110 appliance running ASA. I recall reading somewhere that this setup doesn't support redundant interfaces. Does that apply to port-channel configuration on the ASA? Thank you
Good evening, during a pen test, we were recommended to "Retire the Cisco Secure Desktop (CSD) VPN technology which is no longer supported." I am a bit confused with this as we use Host Scan to run certain checks on endpoints before they are allowe...
**UPDATE--RESOLVED**I just found out what was causing this on my end. Decided to come back and update in case anyone else has the same issue in the future. Well (duh!) ...I have command authorization configured. Each command entered into the CLI mu...
I have the same issue with various 9200, 9300 and even 2960x switches. Range commands take for ever. Same configuration I can paste in other switches and it all goes in smooth.As an example I am working on a C9200L-48T-4X running cat9k_lite_iosxe.1...
I compared the configuration with another physical ASA and indeed under port-channel configuration, there there are no available physical interface option listed that we an add to this port-channel. So I guess it is true. Although there might be an...
