Hi, I am trying to restrict SSH access to the management interface of the FTD device. Can someone share the correct procedure? Platform settings apply only to the data interfaces and the management interface is still accessible. I tried applying ssh acc...
Hi, I have a customer facing issues with authentication to his FortiGate firewalls with the use of Cisco ISE as RADIUS server. ISE is integrated with RSA Secure ID and authentication policy works for majority of devices. However there are two new Fort...
Hi, I thought I will share the update for anyone who has the same issue. Basically, we were hitting the below bug. CSCvx71156 - access list is not working on 6.7 https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx71156 Cisco TAC came up with a workaround ...
Thanks, Marvin. It does not work for me in production. It works fine in the lab but I am using a different version there. When I configure ACL it does not remove entries but just duplicates them and adds them to the bottom of the ACL. Another thing is I cannot ...
That's what I did. I configured acl in the format: Configure ssh-access-list 10.1.1.0/24,10.2.0.0/24,172.16.0.0/16 Unfortunately, permit any any entries are still retained.
Hi Marvin, Thank you for your reply. I just did some more checks and can see that my ACL is applied. However, I have two permit any any statements at the beginning and the end of ACL. Please see redacted entries below. show ssh-access-list ACCEPT tcp --...
Hi, Yes, that's correct. ACS + RSA works fine; ISE + RSA does not work on these devices. However, ISE + RSA works for other devices in the network so I do not suspect there is something incorrect in the integration or radius policies. Do you mean timeout ...