Hi.I'm trying to setup Remote Access VPN on Cisco FTD 6.2.2. Client (192.168.55.202) can ping IP address on FTD (gig 0/1.509 - 192.168.59.3) but cannot reach the HTTPS web page while using https://192.168.59.3 address on its browser.I captured traffi...
Forum Posts
Hi! We are SNMP monitoring cacheTotalRespTimeNow and from time to time this value peaks extremely high, but no users has complain We have added the accesslogs Date: %L Dst-IP: %k UsrAgnt: %u ADGroup: %g AuthMethod: %m TransID: %I PrfPara: %:<a ...
Hi: I'm trying to block the upload of any document to Google Drive. I have applied the configuration in the Applications section within Access Policies, and I have also configured a decryption policy where I define the decrypt rule for the Online Sto...
Hi, We are a service provideder to many companies which uses Cisco Product(we are not sure about the extent of product/services). We provide emergency planning training to various organisation. One of our client has come back to us saying, most of ...
Hello, I am trying to drop a connection to a specific path of a URL in Decryption Policies and allow only access to the homepage of that site. The URL looks like https://exampleurl.eu/en/home.html. This is the part that I would like to allow. The p...
Hi Guys, I have two WSA S170 and i want to enable HTTPS proxy, but i don't have root certificate. My question is how can i get a root certificate and how can i uses the certificate to enable HTTPS proxy Thanks Ermias
Hello folks. I have an old C170 that is out of contract and end of life. It was working fine for a few years up until this week. I received a few e-mails this morning from the C170 saying "A failure occurred while building periodic report 'Internal U...
Resolved! error in joining in active directory
Failure: Error while fetching Kerberos Tickets from server 'x.x.x.x' :kinit: krb5_get_init_creds: Client (wsa-dcb$@XXX.COM) unknown Failure: Queries to server 'x.x.x.x' on port 389 failed :Server doesn't accept anonymous queries
Hi Guys, I have a WSA-S670 and Cisco Support engineer has confirmed the RAID Battery faulty and will send a RMA RAID Battery. I found below documentation to replace the RAID Battery. https://www.cisco.com/c/dam/en/us/td/docs/security/wsa/hw/RAI...
Hello dear wsa security fans,on my WSA (AsyncOS 10.5.1-296) I configured HTTPS proxy — using Intermediate CA (uploaded private key & certificate), as you can see on attached screenshot.My question is where can I export RSA private key, which WSA uses...
We have configured password locked out policies and noticed that once we enabled External User Authentication, the admin account does NOT get locked out, this has been tested on SMA 11.5.075.When disabling the external authentication, the admin accou...
Hi all, I have upgraded our S100V to AsyncOS Version 10.5.2-042 and started to fail. For some reason after the upgrade, all the outbound connections from the proxy to any webserver go to destination port 8888 instead of 80/443. After having a look,...
If stealthwatch isn´t an option, can I propose the "Global traffic destinations" as a kind of netflow function? Or they have something in common?Do i have reverse proxy on the "intelligent proxy" function?
Hello, My WSA is on version 9.1.1-074 and I'm having a problem whenever I try to edit my Bypass Settings list or change a custom URL Categorie. On my Bypass Settings, even if I don't edit NOTHING at all and just click "submit" after clicking on "Ed...
Hello:I am configuring the policies of access to users in my company and I would like to request your help to better understand what is the relationship between Identification Profile, Decryption Policy and Access Policy in a Cisco WSA 390. In advanc...
