Hi all,
Now we are using RA VPN in Different firewall ,Will enable RA VPN In FTD manage by FMC
Flow -External user -Permitter firewall FTD -RA VPN firewall FTD -
AAA-Cisco ISE -Mostly Authentication -Certificate + OTP
Now our main concern is how ...
Hi All,
In our current environment S2S vpn is running on 7.2.5 with two interface -outside and inside .Now we want to enable RAVPN in same ftd instance and want use same public ip for RAVPN and S2S vpn.
Need your expert opinion -Is there any problem...
Hi All I am trying to configure my switch to get authentication using radius .Here is the below configuration aaa new-model!!aaa authentication login default group radius localaaa authorization exec default group radius localaaa accounting exec defa...
Hi AllI want to Extend only one vlan to other Data center for some migration purpose.The following configuration is example for trunk port to carry multiple vlan.But my need only one vlan.Can we configure the L2 connectivity with OTV router and L2 sw...
Hi All Can any one help me to solve the below mentioned issue.Actual in X.20 .one web service is running but page is not opening when i am trying to open by any browserWe can telnet by port 80 and also IP address is proper ping and trace routeDo you ...
Hi Marius,
My query was for brute force against the RAVPN ,I understood your recommendation. We are trying to enable as internal Certificate as posture checking must and MFA will be domain Domain credential + MS MFA -
Which one will be good -AAA is ...
Hi CCIEEXPERT,
Thanks for your kind advice ,Just to clarify this part "but if you have MDM or MS CA and domian users, then its not that difficult."
You meant if we have own internal PKI ,It will be secure internal domain user ,However for external do...
Hi MHM
Thanks for your prompt reply ,As I can understand only hardening we can do ,seems there is no method to completely prevent a brute force attack attempt,
Apart form the soft hardening ,Can we do something more like any device or software et...
Hi all,
Thanks for all your advice ,
However we are exploring now to use RA VPN instance which will put behind another firewall
Flow -External user -Permitter firewall FTD -RA VPN firewall FTD -
AAA-Cisco ISE -Mostly Authentication Certificate + OTP ...