Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All, We are using Digicert certificates for ISE 1.4 which is expiring in a month. All our guest portals, sponsor portals and all ISE URLs, AD etc are currently on the domain company1.com. BUT the problem is we don’t own this domain anymore but we ...
Hello All, We are running ISE 1.4 in our environment. We have a particular user where its showing that the user account is locked when authenticating on ISE against an AD. Have attached a screenshot for reference. I want to clear the cached credentia...
Hello All,
I want to deploy NVM where a user's detailed flow should go the Mcafee syslog server. Can someone let me know if its really required to have a separate IPFIX collector component or is it okay if I redirect all the user flows(UDP 2055, 20...
Hi all,
We are having a weird situation where I am unable to take RDP of an Always On Anyconnect user when he is connected via FQDN A. There are no connection or internet issues from the user side. But if he connects via FQDN B, I am able to take R...
Hi All,
So far, we are using an Always On VPN where users are authenticated against an AD inside the client network. Now we are planning to deploy some users who will be authenticated against a MS Azure AD on the cloud. Our requirement is to create...
Hi Balaji,
I am planning to create a new XML client profile with NVM inherited and will be opening the port UDP 2055 on ASA. The plan is to send all the flow traffic of each and every Anyconnect user to the syslog server. My only concern is whether a...
Hi Francesco,
Thank you for your inputs. On further analysis, i could see I am unable to ping that user as well. On check routes, I got the following output.
V 10.6.42.21 255.255.255.255 connected by VPN (advertised)
When i try to conect with ...
Hi Balaji,
We are authenticating against the AD.
And thanks a lot for the links. I will look into these, try to implement it and then get back to you. Grateful for all your help and time so far.
Regards,
Abhijit
Hi Balaji,
Thank you for your inputs. As far as 3rd question, here's the thing:
Say, I want a list of Anyconnect users or who had logged in for the last one week/month, how do I retrieve it? On the ASA, I could see it only stores active VPN sessi...
Hi Balaji,
Thanks for your inputs. I want to clarify a few things:
For question 2 you replied "Netflow will be enable in the device, but it sends more information to Log Server, i am sure you have good compute power to handle those logs."
For ...
