ASA picking from IPv6-pool on non IPv6 enabled Group Policy
I have a small nuisance.
We run Firepower 2130 with ASA image, and have several group policies with IPv6, but for a small set of users we need to run IPv4 only.
So I set up a group policy for this, but see that the ASA distributes IPv6 adresses from DfltGrpPolicy. Reconfigured and added/removed IPv6 pool and even restarted the ASA. The ASA is picking the adresses from local pools for all group policies.
I get the right profile, the right IPv4 scope, I do not inherit pool from DefaultGrpPolicy.
group-policy vpn_test attributes split-tunnel-all-dns disable address-pools value employee ipv6-address-pools none webvpn anyconnect profiles value LAB_AC_profile type user
* also tried with the standard employee profile* anyconnect ask none default anyconnect
What am I missing here?
I haven't got this behavior on any of my other policies.
We have the Endpoint purge to delete any thing over 365 days, but this wasn't working as standard since in was installedSo disabled and enabled again and this seem to fix it, as had just under 200k endpoints captured. But it removed all clients that ...
When we unregister FTD from FMC and re-register, all the static routes are lost on it. Sometimes device has database corruption, if re-image is the only solution then upon re-image, FTD comes up fresh and we need to configure everything from scra...
Hi,I have a very simple question; we have two ASA 5585-X working in Active/Standby Mode with multiuser Contexts.Normally Primary Unit is active for failover group 1 and 2; Secondary Unit is standby !At the moment our Secondary Unit is completely disconnec...
Meet the Authors Event - CCIE Security and Practical Applications in Today’s Network: Zero Trust
(Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event will have place on Thursday 29th, October 2020 at 1...
My company uses Microsoft Azure AD, and I sign into all my applications using that account. Can I use that account when I sign in?
Yes - all applications that support SecureX sign-on allow direct login with your Microsoft Azure AD accou...