Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
@CHISHIUNG this is not a typical deployment and crypto map policy based VPNs are depreciated, so not worth designing a new solution for it. Why not just deploy a route based VPN, then the peer device can peer with each router and BGP can prioritise o...
@aaron-rousch Check out this guide about rolling back the SRU https://community.cisco.com/t5/security-knowledge-base/sru-mismatch-between-fmc-and-ftd-causing-deployment-failure/ta-p/4757553
The FMC software version has been EOL and EOS for a long tim...
@jesse-cornes if there are no 802.1X authentication failures in the live logs, then is the client even attempting to use 802.1X? - take a packet capture to confirm.
You don't need to do anything with the ISE certificate template if you have used Micr...
@ionos FYI, the last date of support for the ASA 5508-X is 31st August 2026. https://www.cisco.com/site/us/en/products/collateral/firewalls/asa-5500-series-next-generation-firewalls/eos-eol-notice-c51-744798.html Even if you resolve this issue, the h...