Does Cisco ASA support FQDN based split-tunnel for Ubuntu machines? Will Dynamic split tunneling functionality work with Ubuntu?
Forum Posts
ASA5555-X is going EOL this fall, so we have to upgrade. Looking at running FPR-1140 with ASA to maintain easy migration of 70+ VPN tunnels. Also using AnyConnect 4.9 client currently. I haven't found anything saying i wouldn't continue to be able to...
HI We have an ASA 5525 firewall and it's currently being attacked by brute force VPN attempts. This is affecting our NPS and causing it to crash. The outside interface has a simple deny any any rule which is blocking everything however the firewall s...
Hello, We are experiencing an issue with Cisco AnyConnect Secure Mobility Client on Windows 11 that started recently. When the service “Cisco AnyConnect Secure Mobility Agent (vpnagent)” is set to Manual, the VPN client fails to start and displays ...
The Cisco will not implement because of VPN Tunnel being used by other user does not apply to on premise Desktops with VPN disabled which is the most likely place to use fast user switching. If this is still an issue then a standalone Umbrella client...
We have moved portions of our machines to CSC 5.1.5.65 which is the last update needed in order for auto-updates to work. The issue I am experiencing is that when CSC updates it pops up a notification window that does not go away until it finishes d...
I have configured a new Service Access list defining which countries are Allowed (and with a default of Block) and applied it within the RAVPN config. However, I am still seeing auth requests of malcious attempts to connect from countries that should...
Hello,We have the following issue. Two-factor authentication (2FA) via Microsoft Authenticator is configured on a Cisco ASA. The tunnel group on the ASA is connected to Cisco ISE, which acts as a RADIUS proxy.In the condition, the Cisco ASA's IP addr...
A customer has an MPLS network with BGP routing that is used as primary communication between their HQ and 10 smaller remote sites. As backup they are using VPN tunnels between a FTD firewall at the HQ and C1111 IOS XE routers at the remote sites. Th...
Hi Community Members.,I am not certain what license that would be needed to achieve SSL and Anyconnect vpn for remote workers using ISR4331-SEC/K9 or any other higher model..I would need your advice on the Hardware and requisite licenses to be proc...
I'm trying to initialize IPSec tunnel to AWS basing on AWS instructions and it looks that ASA is not even trying to initialize connection.When I turned on debugging, it looks that ASA is in receiver mode (I see connection attempts from old site), but...
Has anyone had any experience with the following: i have an ASA 5510 at a branch location and im trying to set up an ipsec s2s between the two. The ASA gets its external address from the the provider via dhcp and the Palo Alto is static. When configu...
Hi, I have dmvpn network with 2 hubs and spokes. Spokes have 2 separate mgre tunnel to the each hub (primary and secondary). For routing i am using eigrp.On the Primary Hub i see route to the network which is network between secondary hub and spokes ...
Folks, I have an old school question. I have a use case that I think can be well met by using the Easy VPN solution using "Network Extension Mode" as opposed to "Client Mode". Is this capability still supported on new ASA firewalls or IOSXE routers? ...
Hi all!Under site-to-site VPN, in the Advanced->IKE Policies menu option, we can see IKEv2 policies list.If we change the priorities will it cause downtime on any established VPNs?By changing priorities I mean negating configuration and applying new ...
