Security

Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Browse the Community

Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace

31704 Posts

Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.

70247 Posts

Duo Security

Get started with or get better at administering and using Duo by interacting with peers and experts!

3175 Posts

Activity in Security

Error ISE and Duo

Hey guys, VPN on Firepower authenticating on ISE -> OK VPN on Firepower authenticating on Duo -> OK VPN on Firepower authenticating on ISE calling external Radius (Duo) for MFA -> NOK   Duo's auth proxy logging shows: "20): Cannot decode password usi...

SAML include all AD groups

We are looking at moving to SSO but need to be able to include all the groups a user is a member of. Is it possible to pull this from AD and include it in SAML claims?Ideally we would want to manage this in a single place (AD) so if we added a new gr...

sv45354 by Level 1
  • 1 Views
  • 0 replies
  • 0 Helpful votes

BGP between two remote FTD

I have two Firepowers in two remote offices and i have two ISPs in each office, i had configured vti ipsec vpn between two offices but they are working with static routes, can i configure dynamic routing protocols for failover vpn? I tried to configu...

Resolved! ISE admin Group AD users

I have created an external admin group in ISE, which is pointing to an AD group. There are several users in this AD group.Will all the users in this AD group gets ISE admin access or can it be restricted to few users.

manvik by Level 3
  • 101 Views
  • 4 replies
  • 0 Helpful votes

802.1x on NX Servers with clients

Hello,I've been planning to role out dot1x on my network. However, the network consists of NXServers in the DC with thin clients that connect back them at user desks.As I think about it, how would dot1x work in this environment? Connecting a PC to a ...

DamianRCL by Level 1
  • 53 Views
  • 1 replies
  • 0 Helpful votes

URL Logs

So, I'm task with finding if anyone else search or connected to a specific URL in the last 30 days. Does any know if FMC have a way of searching this or generating a report. I have only found ways to create a rule to log it go forward not from the pa...

Cisco Security Licensing Guide

This document describes license packages, bundles, optional subscriptions and add-ons, and licensing for Virtual Appliances. Some features may be licensed as add-ons but may also be included as part of a bundle. See the reference links for details on...

legends.jpeg amp4e.jpeg tg.jpeg umbrella.jpeg
rmoraisf by Cisco Employee
  • 41245 Views
  • 8 replies
  • 44 Helpful votes

Message Filter - ' VS "

When is the appropriate times to use ' or " when creating message filters?Is ' used when you are adding in your own string of characters and " used for a system defined item like in the following example?  header ("From") == 'example.com'

FTD is getting licensing connectivity issues

My FTD (FDM) running code 7.2.5.1-29 is getting the following message on the Smart License section: CONNECTION ISSUEFailed To Connect With License Server Lost connection for 0 days (Next Sync on 28 Mar 2024 11:06 PM). Please check and make sure the m...

Message Filter -Remote IP

I am looking at the following example in the admin guide:The remote-ip rule tests to see if the IP address of the host that sent that message matches a certain pattern.The IP address can be either Internet Protocol version 4 (IPv4) or Internet Protoc...

Migrating IPSec tunnel

Hello,I have a question about migrating a IPSec tunnel from between a Cisco C981F-k9 and a Cisco ASA firewall to a tunnel from the same Cisco C981F-k9 router to a Fortigate firewall. What is the 'best' way to migrate this tunnel?Currently I have conf...

MBestt by Level 1
  • 92 Views
  • 2 replies
  • 0 Helpful votes

Cisco ISE, Meraki MX FWs and dynamic VLANS

Hi,Our network only consists of Meraki products and now we are looking at the possibility of implementing 802.1X on wired and using Cisco ISE for that.Our business is geographically very spread out and we have both large and small branches. Some smal...

sdkhy by Level 1
  • 73 Views
  • 1 replies
  • 0 Helpful votes

SMTP route to Email Public address

Hello community,  i have a question, but can`t find answer on it.  If we have one listener for inbound and outbound communication and this private IP has NAT to public IP. We don`t have communication to mail server on private IP.  Is it a problem if ...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: