Hi All. I would like to get your thoughts on the following issue i have been facing since implementing Dual ISP and failover for site-to-site vpn tunnels.Hub Site:ASA5515 using 9.6(4)42Spoke sites:Cisco ISRs using 15.1(4)M8, using voip services over ...
I have a requirement for VPN with MFA for a subset of users, while protecting the other users from Spray attacks. Scenario: Customer is currently implementing VPN with MFA for a defined set of users (1/3 of staff)Most users do NOT have a requiremen...
Hello, we're running Cisco Anyconnect 4.2 NAC to connect to our VPN. I'm running into an issue where it's telling me that there are no network adapters. I've tried uninstalling/re-installing the network adapter drivers, Cisco NAC and I just can't get...
We are having an issue were after disconnecting from AnyConnect and connecting the next day, they get a new IP in AnyConnect but in our local DNS they have another IP which I assume is probably from the day before. This obviously causing name resolut...
OK, so I've got a set of ASA's and we are migrating them to Firepowers, and all seems ok. In the past we have noticed that for some reason on the ASA's, no matter what you specify as the parameters for phase 1, the rekey timer always connects at 3600...
Hi, We are trying to implement Azure SAML SSO on our Firepower 1010. We are using ASA 9.19.1 and Secure client 5.0.02075. When we try the login via Azure by clicking the "Test this applicaton" the login works and there are no errors in the logs. The ...
Hello Team,I have below topology : -I have ipsec vpn from on-prem to aws cloud. the two endpoints [192.168.40.10/32, 192.168.30.10/32] work fine as they are allowed on the encryption domain.I have users using remote vpn to connect to on-prem dc to a...
Hello, Is it possible on Cisco FTD managed by Cisco FMC define multiple DH Group in Phase2 ? From what i see it is just possible one. I tried put , but it doesnt accept. Also looking maybe for option to add thorugh flex config but didnt find any rel...
Cisco AnyConnect Secure Mobility Client version 4.10.04071 shows "No Wi-Fi adapters available." when in fact there is an active wifi connection. I can also make a VPN connections.Seems like a GUI error?See screenshot:To reiterate
I've noticed that as of Secure Client (AnyConnect) 5.x I get an error at the ASA CLI and ASDM when I try to change the Linux web-deployed AnyConnect client version. I have no issues with Windows or macOS AnyConnect clients. I've confirmed on ASA5585-...
Hi, Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't? I have several devices not sending the anti-malware attrib...
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
Hi Team,Our Router having many ikev2 proposal, as per TAC suggestion we need to combine in to single policy. Please let me know for this activity any down time needed ?
Hi! The last weeks it has been a big increase of brute force attempts from all over the world to our Cisco ASAs. We use two factors, so we're not to afraid that they will actually access any of our accounts, but the problem is that they manage to blo...
As per the CVE, the detailed information is available in the advisory : Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerabilityhttps://sec.cloudapps.cisco.com/security/cente...
