I have a customer that has an existing VPN connection between their ASA and their corporate AWS account. As you may or may not know, AWS shares a set of public IPs for VPN peering across many, many customers. AWS splits customer traffic out on the back end. Example: Customer A sets up a VPN with AWS using the remote public peer IP of 22.214.171.124. Customer B comes along and wants to set up a VPN tunnel to AWS; they also use 126.96.36.199 as their remote VPN peer IP, and so forth and so on.
So this customer already has a VPN to AWS and now they need to connect to a different AWS account, but guess what: the remote VPN peer IPs are the same as the ones they are currently using. So this presents a problem with the tunnel-group configuration on the ASA. They already have a tunnel-group that matches the remote AWS peer IP, and that tunnel-group already has a PSK configured on it. In a perfect world I would have two tunnel-groups with the same name (188.8.131.52 for example) but with different PSKs. I know this isn't possible, so does anyone have any ideas here, or is my customer just up a creek?
Oh, and both VPN tunnels require the isakmp identity to be the address.