Hi together We had the following Setup: ASA with Anyconnect (Always on and SBL)This worked quite well (VPN gets establised before Login)Now we upgraded to FTD with Anyconnect (Always on and SBL)The Anyconnect now waits until the Edge Browser gets loa...
Forum Posts
Can anyone tell me how they have remediated this issue? I cant seem to find ANYthing on it after numerous searches. We have the VPN portal on our FTD, and our most recent vuln. scan returned the above finding.
Apr 3 22:29:55: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=5.1.2.3, prot=50, spi=0x8280(33408), srcaddr=6.2.1.2, input interface=GigabitEthernet0*Apr 4 10:17:37: %CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac veri...
Hi all,I just installed Cisco anyconnect on my brand new Macbook pro. In order to be able to work remotely I need to use an XML profile that is provided by my company. Unfortunately the dropdown in the client does not show the XML profile that I adde...
I have configured the management tunnel on my ASA per the URL belowhttps://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/215442-configure-anyconnect-management-vpn-tunn.html#toc-hId--447213908I am currently "tun...
I have a very unique use case that I need to add a message to the "Password" window that is presented at the authentication point for an user. In ASA this is done by accessing the ASDM > RA VPN > Edit Customization Object > Logon Form > Title > Messa...
Hi,I have a hub and multiple spoke. spokes configs are identical and all running EIGRP. only one spokes keep loosing tunnel and EIGRP neighborship every 15-25 min. please assist. here is some logs on spoke and hub:Hub:Spoke:
We are planning to get remote access connectivity but we are having this issue, currently, we are using Cisco ISR 4661 with a securityk9 evaluation license. after the configuration of the SSL VPN, we get. -The router work as a turst ca, and local cer...
Hello,I have configured my test network enviroment in Dual Hub Flex Vpn design on IOSXE 17.3.3 (C1111-4P) but with one spoke - something like this (on the Hub1 for example)===============section keyring===============My spokes have dynamic addressesc...
Hello Expert,I'm looking at the way to enable MFA using free radius. I have tried PrivacyIDEA, but I have not succeeded.Anyone with proper guidance on how to achieve this setup with free tools like PrivacyIDEA.Kind Regards,Dani
Title says it; can I get there from here?And, if so, where exactly is the Windows setup installer?
Hi, I recently was troubleshooting some tunnel issues between Palo Alto firewalls and noticed in debug messages that there were soft lifetime and hard lifetime exchanged in negotiations. Apparently hard lifetime is when the sa expires but soft is bef...
Most trainings and tutorials have DMVPN running with IPsec in Transport mode. However multiple spokes may be behind the same CG-NAT server... therefore the spokes may end up with the same public facing IP. I know this will break DMVPN.Can I just enab...
Hi, as the title says, I am unable to connect to my Cisco Secure VPN after updating my OS from Ubuntu 22.02 to 24.04. The error I receive is"You are missing the required libraries for the authentication method you requested."Upon closer inspection, t...
Hi all,I have FTD FDM device and I want to check what I am missing on this setup. I already completed the following setup as indicated in the Cisco Docs.Link: https://www.cisco.com/c/en/us/td/docs/security/firepower/720/fdm/fptd-Software version:Cisc...
