for Windows Anyconnect client if certificate expires a new certificate is issued by internal PKI and send to client machines. Now the client has 2 certificates, the expired one and the new one. If user connect Anyconnect stops working and there is an option to choose which certificate to use. But this is not a suitable option for the client, the client does not want their users to choose which certificate to use. Is there a way that AnyConnect automatically chooses the active certificate?
AutomaticCertSelection o If you use the AutomaticCertSelection set to false the user should be presented a drop down list with the certificates he can use o If this option is set to true, the system API returns the certificates in it's own order
Having the API doing their own check order is not fully recommended since this one could select the wrong certificate.
On the same document you have the option of using certificate matching which is going to set a criteria to be checked on the certificate.
Meet the Authors Event - CCIE Security and Practical Applications in Today’s Network: Zero Trust
(Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event will have place on Thursday 29th, October 2020 at 1...
My company uses Microsoft Azure AD, and I sign into all my applications using that account. Can I use that account when I sign in?
Yes - all applications that support SecureX sign-on allow direct login with your Microsoft Azure AD accou...
@Rob Ingram @balaji.bandi @Marius Gunnerud Hi Guys, Does ASA saves any logs by default? logs means if some sort suspicious activity happen within network and we want to see what Firewall saw at that time.I...
Attackers will always target the "low hanging fruit": devices that have passed end-of-software maintenance and end-of-support. A few years ago, Cisco described the evolution of attacks against infrastructure devices. All of the attacks discussed in t...
I somehow stumbled upon Cisco's IBNS 2.0 Auto Identity (AI) templates in my CML/VIRL IOSv layer2 image (IOS 15.2(6)).
I find these templates great, because these are the best practices that we tend to hard-code manually - e.g there are...