Security

Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Browse the Community

Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace

31706 Posts

Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.

70252 Posts

Duo Security

Get started with or get better at administering and using Duo by interacting with peers and experts!

3176 Posts

Activity in Security

Requiring Assistance for AnyConnect SSO with Azure

Hello everyone, I'm currently troubleshooting AnyConnect SAML SSO via Azure. Below are some details about the environment and current troubleshooting steps that have been taken so far. The goal is to have users authenticate with their Entra credentia...

Secure connect keeps popping up or stealing focus repeatedly

Running Window 10 fully patched and I've installed Secure Client on a bunch of our users machines. Things seems to work for the most part, but there is an annoying behavior that I can't seem to find the cause of. Randomly, multiple times a day, the S...

anfare by Level 1
  • 138 Views
  • 1 replies
  • 0 Helpful votes

D287: Duo Release Notes for Mar 29, 2024

New features, enhancements, and other improvementsNow in public preview: Duo Mobile with time-based one-time passcodes (TOTP)Now in public preview: Require user verification with PIN or biometric for WebAuthn roaming authenticatorsNow in public previ...

Screenshot 2024-03-15 at 1.36.57 PM.png Screenshot 2024-03-12 at 11.49.04 AM.png policy-compact-view.png Screenshot 2024-03-18 at 10.57.36 AM.png

FMC/FTD WebVPN password spray?

We are, and have been seeing what I am interpreting as password spray attacks when viewing the VPN "Troubleshooting" logs within FMC. We do have webvpn enabled and are using DUO as MFA. We have configured only specific users within one AD group to be...

jbeach44_0-1711391397063.png
jbeach44 by Level 1
  • 273 Views
  • 3 replies
  • 1 Helpful votes

Am I getting "Attacked". ISRC111 has this non-stop

   *Mar 26 18:52:38.403: %SSH-5-SSH2_SESSION: SSH2 Session request from 47.96.98.30 (tty = 0) using crypto cipher 'chacha20-poly1305@openssh.com', hmac 'hmac-sha2-256-etm@openssh.com' Succeeded *Mar 26 18:52:47.210: %SSH-5-SSH2_USERAUTH: User '' auth...

TheGoob by Level 4
  • 138 Views
  • 4 replies
  • 0 Helpful votes

Host Information not visible

The scenario is that all traffic ingesting to flow sensor is north-south, and all hosts are NATed by public IPs. Currently, there is no east-west traffic. However, if east-west traffic were to ingest, would the hosts be visible as endpoints or networ...

PTR DNS Records Umbrella

Hello community,inside of our network we use DNS forwardes pointed to Cisco Umbrella DNS servers.Software using these forwarders is generating events about failed PTR DNS lookups with string "DNS temporarily down".Connection to outside is managed by ...

ASDM Searching for Specific IP address on Logs

How to I use the Real-Time Log Viewer in ASDM to search for XXX.XXX.XXX.1 and it not show XXX.XXX.XXX.123, for example? I want to see only the IP ending in .1, NOT the ones ending in .12, .11, .134, .150, etc.I have tried adding quotes, as in "XXX.XX...

Linux EAP-TLS Authentication

All,   I am trying to get EAP-TLS working on an Ubuntu Linux machine.  The system is controlled by Centrify and Centrify has pushed out a certificate, private key and chain file to the machine.  I am attempting to use the wpa_supplicant with the foll...

Capture.JPG.png
paul by Level 10
  • 4760 Views
  • 2 replies
  • 0 Helpful votes

Cisco Umbrella Switching to Admin User

Has anyone else ever had someone's Cisco Secure Umbrella Client switch to filtering as the device local admin account instead of these user? Hre is what I have seen occur at least 3 times now.WE have a user who is in a policy that allows social media...

jmorton1 by Level 1
  • 56 Views
  • 0 replies
  • 0 Helpful votes

BGP between two remote FTD

I have two Firepowers in two remote offices and i have two ISPs in each office, i had configured vti ipsec vpn between two offices but they are working with static routes, can i configure dynamic routing protocols for failover vpn? I tried to configu...

Migrating ASA5510 to FRP1010e issue

Hi colleagues, I have the following issue, I'm migrating from cisco ASA5510 to FRP1010e managed via FDM. The configuration is simple and I moved it to the new device(FRP1010e). I have configured one interface for OUTSIDE with public address and VLAN ...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: