Hi, I have configured anyconnect vpn, connecting to the primary ISP is working. In the profile xml I have two backup ISP connections in case the primary/secondary is not available. When connecting to the secondary ISP the connection is blocked becaus...
Forum Posts
Dear all, I am new to security issues and I have a complicated scenario. I changed the IP addresses so as not to expose the network, but the scenario is complete. I have 2 branches in Brazil that communicate via LAN-to-LAN. Wherever I close the VPN (...
Resolved! VPN Failover not working - C1117 router
Hi all, I've have routers with the following config - crypto map tunnel-vpn 10 ipsec-isakmpset peer xxx.xxx.xxx.xxx defaultset peer zzz.zzz.zzz.zzzset security-association lifetime seconds 28800set transform-set tunnel-vpn-site-link-tsmatch address ...
Hey all,I've somehow successfully got an IPSec tunnel up between 2x 5506-X ASAs in packet tracer (something of a miracle for me, although this is using 3DES at the moment which I need to correct) but as soon as I apply a dynamic NAT rule [nat (inside...
Hi,we have 2 routers connected to each other via an IPSec tunnel. Both routers are on private networks so there is no natting going on.The IPSec tunnel is fine and traffic is flowing between the local networks (crypto map/access lists are fine) via t...
Hi All,I am seeking guidance on process of changing CA.We currently use Firepower firewalls at HQ managed by FMC. It is configured for Remote Access and has been uploaded with both AnyConnect Client Image and AnyConnect VPN Profile.Same Cisco AnyCone...
UPDATE: I am now being told that this IPSEC Tunnel is no longer needed, so I no longer need to convert it to IKEv2.Hello,I have a Cisco ASA that has three IKEv1 tunnels and I need to change one of them to use IKEv2.Attached is the original running-c...
Resolved! VPN Load balancing (Design)
Hi All,We're about to re-design our AnyConnect remote access solution, moving from a pair of FTD 1140 in HA (they are a part of a branch office), to something that can provide more bandwidth to our users. It's a business requirement, so I won't argue...
Hi All,We currently run cisco firepower firewalls (in ASA mode) with anyconnect access for staff, this is all working very well with users connecting with the Cisco Secure Client (ver 5.1). However, we now have a requirement for Cyber Essentials in ...
Hi,I have been informed that there is a potential vulnerability on our ASA SSL VPN since the webvpn is enabled. here is the config on the ASA with specific questions. please advise:webvpnenable outsidehttp-headershsts-serverenablemax-age 31536000incl...
Hello All,My organization recently migrated from the ASA firewall to the Cisco FTD. I noticed from my little research that the webvpn was discontinued in cisco FTD. I somehow still believe cisco would have created some work around or something and ma...
win11上使用anyconnect 3.1版本可以登录,登陆后会自动升级至4.8版本,就无法使用了请问如何关闭自动升级?有尝试过将C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile下的文件编辑,修改autouupdate为false,没有成功
Hello, We are deploying a new FPR1010 to be in appliance mode using ASA. Following the guide to download a image(asa version 9.19) and then install it. But the instillation paused because of a error which is Failed Image Validation. firepower /firmw...
Resolved! Adding Client Image fails
Having a strange issue when I try and add a client image I receive the following error."Error during file upload. Please ensure that the Firewall Management Center has enough space, the file is valid and that the file name contains only letters, digi...
