Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,
We have a FirePower 8350 appliance configured for IPS "monitor-mode" or IDS mode. The FirePower appliance connects directly to our Nexus 9k core switches. We have SPAN configured on this core switches to send a copy of the traffic to the FirePo...
Good day, We are trying to integrate newly configured FirePower Management Center 6.2 with our existing ISE PxGrid 2.1 cluster.The ISE deployment is as follows: - 6 node cluster - 2 x nodes for ADM/MnT - 2 x nodes for PSN - 2 x nodes for PxGrid Note ...
Hello,I am trying to setup a remote access solution using Cisco AnyConnect. My scenario is as follows: - I have 3 different classes of users (defined by group polices on the ASA). Each group gets an IP address from one of 3 available pools- These 3 A...
Hello,We are implementing a new AnyConnect VPN solution using certificate based authentication. One of the key requirements is to create 3 different group polices whereby the appropriate restrictions will be applied. The requires that user recieve IP...
Hello,I have an ASA pair (8.4.2) configured for failover; it hosts a SSL VPN server using 3rd-party signed certificates. We need to swop out the primary ASA (the one loaded with the certificate) with another unit as the “PRIMARY” unit is faulty. I un...
Hi Marvin,I cannot ascertain LDAP group assignment with LDAP authentication when using certificates though. All I can confirm is that the certificate is validated, hence the VPN session is established. It seems like the LDAP mapping to RADIUS class i...
I will clarify:1. Your PRIMARY unit is faulty and Standby is now Active unit correct? So everything works well and certifiates are1. replicated on Standby(now Active) unit. So you don't need to promote it to Active right?- When we switch over to sec...
