Resolved! Cisco AnyConnect user count increase
Hello All,I have cisco ASA 5525 and have 1500 VPN licenses , can I increase that as per my requirement ??if I can increase how to do that?
Forum Posts
Just wondering how you guys prevent DoS attacks to TCP/443 port on ASA/FTD firewalls used for RA VPN. It appears that ASA/FTD is wide open to them and a moderate DoS (80 tps) which establishes TCP/443 connections and initiates TLS handshake can bring...
Hello all,We're currently running a pair of 5555X in active/standby mode and have recently started seeing CPU utilization as high as 93% during peak period. We're considering changing the failover mode to active/active to see if we can share the load...
Hello, we're looking to add MFA to our Cisco AnyConnect VPN. We found this article: https://duo.com/docs/ciscoasa-radius, which appears to be the setup we need.We are wondering if after completing this setup we will still be able to use Active Direct...
We have an ASA in AWS and it has 2 VPNs, 1 to AWS (subnet A) and 1 to Azure (Subnet B)All traffic from the ASA to subnet B is source NAT'ed, so we never have to change or add subnets when going to subnet B.Subnet Z is on the inside interface of the A...
Resolved! FTD and AnyConnect PreConnect message
Wondering where to put the pre-login messages with AnyConnect and FTD. Using FMC to manage - I can create a profile with the standalone editor and attach to the group policy, but that doesn't give me the ability that the ASDM did with Anyconnect cus...
Hi All,I will find method how to monitor peak concurrent of Anyconnect VPN . But I think following command below . Peak Concurrent will increase continuously until ASA will clear statistic . If need to see per month of peak concurrent how to see that...
Resolved! VRF-Aware VPN?
The company I work for uses AnyConnect (SSL) to allow users to VPN into the network and be assigned to specific VRFs based on the URL (example.com/abc) that is provided within the client when connecting. Cisco is deprecating this configuration, but I...
Resolved! disable telnet, enable SSH
What is the easiest way to disable telnet on the public (T1) interfaces of my routers and enable SSH? Can I do this without setting up access lists?Thanks,Diego
I am having an issue with Anyconnect connecting back to the main organization. No traffic passes on the VPN. Users can't ping anything on the network, and it doesn't show int the event log. tracert doesn't even get one hop out. This only affects a...
AnyConnect Auto Reconnect/AnyConnect Network Access ManagerAnyConnect Backup Servers/ASA failover/AnyConnect Always On
Hi All,Recently I have migrated physical ASA Firewall to ASAv on Azure, however I'm facing challenges to reach OnPrem network after connecting AnyConnect. As an temporary fix, below NAT has been added, so that all the AnyConnect traffic goes via Fire...
This one has me pulling my hair out, as I already have similar ones working.So we have a site to site VPN between Cisco ASA and AWS. The requirement is for an Anyconnect user to connect to the firewall and then for the tunnel to the Redshift subnet t...
Hi,Is anyone can help me regarding the error encountered when connecting to Anyconnect? I have an integrated AZURE SAML w/ Cisco ASA for authentication. Here's my configurationwebvpnsaml idp https://sts.windows.net/x/ - [Azure AD Identifier] url sign...
I got this error after updating to macOS Catalina. I have tried to install the version 4.6, 4.7, 4.8 but still the same. "AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another...
