Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi my name is Ivan.I have 1 FTD manage with FDM on my remote site. FW connect main site with another FW's in HA using vpn s2s. I need to migrate FDM to FMC. FMC is working in the main site and managing FW's in HA.If I will change directly to FMC, I...
Hi I'm Ivan
I have an ISE v3.1 which I wolud like to use for guest service using cwa with sponsor. My issue is:
I need to generate csr for guest cwa with third party (public company). My nodes are:
ise1.company.local/ise2.company.local. My portal's ...
Hi I'm Ivan
I have fmc 7.0.1 and 1 ftd for vpn remote access services integrated to Cisco ISE v3.1. The vpn works fine (ISE and FTD), but when I try to see "Table Events" for "User VPN Activities" I can not see any records. From cli of ftd I can see ...
I have stealthwatch 7.3.2 smc and 3 flow collectors for netflow with licenses for all products. SMC and all FC's has conectivity with all Publics IP of Cisco Talos Address and port services. Despite, when I try to generate a report in Talos for any h...
Hi my name is Ivan,We have an opportunity to located Cisco Firepower 4120 product (and licenses), but end customer ask us if Cisco Firepower might work using manual url filtering (extensions)?. It's some like this example:1. Permit http://abc.com/pro...
HI Arne
It's a bit confuse. Guest1 and Guest2 should be resolved by public dns or using on ISE ip host. guest1/guest2 portalguest.company.com?. We will have just only name portalguest.company.com that will resove by public dns.
guest1.company.com -> ...
Hi James
In ISE after the process of sucess AuthorZ you can see the serial number of certificate's template (when endpoint use TLS together with ISE). In mi experience, Mac work better with PEAP. You can add PEAP+Mac Address Internal (On ISE) to con...
Hi Raul, sorry my english is not good
Yo say:"WLC shows me the data correctly, it changes the interface, the ACL and changes the client status to RUN but maintains the IP address belonging to the old VLAN (non-routed vlan)"
In spanish...
Puede uste...
Hi MikeNow, I can detect the policy server (psn), the difference was ACL split tunnel. But, my issue now is the ftd can not remove of posture pending status. The dacl is downloaded in the ftd, but it doesn't remove the state for compliance policy. An...
