Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect, Duo, Secure Access and more.
Hi community, we want to deploy firepower 3105 - version 7.3.1 to bridge two VLAN(119 & 191) on distribution switch and allow two network to communicate with the same subnet as following we have run the following test with 10.127.190.11 and 10.127.1...
My department is looking for implementing private VLANs on Firepower 2000 and 4000 series. Is this feature available or supported on FTD/FMC? Thanks in advance for the reply.
Hello Experts,I am in a situation of integration of Cisco ISE with Palo Alto Global Protect VPN. My goal is to configure Cisco ISE as a RADIUS server for Global Protect VPN users. While any user enters a username and password in the Global Protect po...
Can anyone provide a ikev2 vpn configuration guide between cisco router and paloalto , the main part is that Palo is using NAT'd ip address as peer in front of the real peer ip
Hi All,I am fully aware that 2.7 is EoL, but wanted to seek some guidance.We have 2 Cisco ISE nodes running on EoL 3515-K9, I recall that I posted some time ago issues I observed with deployment when it was still running Patch 7, I believe this was j...
I have setup a Route Based Site-Site Tunnel with Cisco Umbrella. Tunnel comes up fine. My issue is I'm using Policy Based Routing because I only want 80/443 traffic to go over the tunnel. Packet tracer shows that PBR-Lookup matches the ACL and identi...
Hello, After upgrading a coupple of FMCs to version 7.4.2.1, we noticed that the "Initiator Country" on the connection events page no longer show any data. We tried to manually update the GeoDB file, but we still not seeing any country information. H...
Hello All, We have 8 Esa cluster and all of them showing online when i check Connection status in Sma. However in delivery status page its showing down. Can anyone knows what could be the issue. PFB relevant snaps. Connection status in Sma Delivery ...
Between the ISR Router ISR4331, I have configured IKEv2, but the tunnel comes up.Setup like HUb and spokein the HUb router more than 35 tunnels are there, am facing issue with only one site. Logs collected from spoke router :Apr 15 12:32:03.188: IKEv...
hi,i got a 2911 router which currently has a site-to-site VPN working using the 'crypto keyring vrf' (for VRF aware IPSEC).i need to add another site (CUST-2) using the same command but different VRF (CUST-2) but getting the log and deug below. i alr...
I am trying to fix the MTU bug on the Anyconnect client. I currently have clients connecting to a ASA5545X that is running version 9.0(4) code. I don't see anywhere to specify svc mtu 1200 in webvpn or group policy on this code release. Does anyo...
We are currently using Cisco AnyConnect VPN client on Win10 machines for remote access and Cisco ISE providing 802.1x services on the LAN. The problem we are seeing is the Win10 Cisco AnyConnect clients are creating lots of connections to mus.cisco.c...
I created a ticket and received a notification that it was resolved. However, when I go to https://talosintelligence.com/tickets/559233, it redirects me to https://talosintelligence.com/. If I try to just go to https://talosintelligence.com/tickets/,...
Hello everyone. Has anyone had this problem before? my secondary device is keeps failing And it's keep telling me (Event description: Interface check This host:1 single_vf: diagnostic Other host:0 ) That I looked at the management interface I ever se...
Hi, I have recently upgraded my ASA to version 9.20.3.4We use certificates to authenticate clients, and on client computers, we use an application called "Net iD Client."Users with an older version of "Net iD Client" kept getting a "certificate valid...