About Terry

Terry · 09-16-2025

Hi Its my understanding from previous machine tunnel configurations on ASAs/FTDs, that the machine tunnel XML profile name needs to be 'VpnMgmtTunProfile'. However, when I download the machine tunnel XML from Secure Access the file name is 'machine-t...

Terry · 09-04-2024

Hi, when configuring the AMP Enabler profile, can the Mac Installer URL point directly to the SE portal? i.e. using the URL provided under Management > Deployment > Download Connector - selecting required Group, then copying the URL displayed under t...

Terry · 07-11-2023

Hi, I have the Anyconnect management tunnel feature configured on FMC/FTD which is working as expected: - Mgmt tunnel establishes before user logins into Windows - After Windows login, mgmt tunnel remains up, but disconnects when the user tunnel is e...

Terry · 05-22-2020

Hi I'm seeing an % Authorization failed error when I try to access my switch via the console port.I want to separate my VTY and console access -vty to use TACACS - this is workingconsole to use local database I have the following config in place: aa...

Terry · 07-21-2019

Hi, we have a 2 node ISE deployment with authentication requests going to ISE1. This is configured for multiple different connection types and all works as expected. However, when I test the PSN failover by removing ISE1 from the network I have issue...

Terry · 09-16-2025

Hi MHM Thanks for your reply. In the 'Cisco Secure Client Administrator Guide' is shows an example of the machine tunnel configuration on an ASA and states the following: You can deploy only one management VPN profile to a given client device. The ma...

Terry · 07-12-2023

I thought that would be the case, but just wanted to double check that my understanding was correct and I wasn't missing anything. I appreciate you both taking the time to reply. Thanks

Terry · 07-21-2019

Hi MarvinThanks for your reply.Each node has its own certificate issued by the CA hierarchy with its FQDN in the CN, the SAN option is not being used.The identity certificate on both nodes have the EAP service associated and both have the correct CA ...

Terry · 10-20-2017

Thanks for your reply Rahul. We had already tested the ASA posture / registry key option which worked fine. My customer asked the question, so I just wanted to make sure I wasn't missing an option that could be used. Kind Regards Terry

Terry · 03-01-2017

Hi Marvin Thanks for your reply. I don't have console logging enabled on the ASA's. When I look at the Terminal Server lines connected to the ASA's I am seeing noise and overruns, however, I am also seeing these on other lines that are working ok....

Member Since	‎01-27-2005 01:49 PM
Date Last Visited	‎09-17-2025 05:40 AM
Posts	46
Total Helpful Votes Received	2

User Statistics

User Activity

Secure Access Management Tunnel XML File Name

Secure Client AMP Enabler for Mac

Anyconnect Mgmt Tunnel

2960X Switch - Console Authorization

ISE PSN Failover

Re: Secure Access Management Tunnel XML File Name

Re: Anyconnect Mgmt Tunnel

Re: ISE PSN Failover

Re: VPN Machine Authentication

Hi Marvin