Hi,So was reading up a lot on the difference between the Cisco Anyconnect Roaming Module vs the Umbrella Roaming,Its clear that best practice is the Cisco anyconnect option as UR is EOL in a few months, so we recently deployed the new client company ...
Hi,on ISE 2.4 in the live logs pages the report that one got clicking on the repeat counter was very useful because the endpoints were sorted by repeat counters. So it was very easy to find the endpoints with high repeated counters.With ISE 3.2 the r...
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
Hello,I have an IKEv2 Site-to-Site IPSec tunnel (VTI with static routing) between ASA firewall and 2 stateless HA routers configured with HSRP (IPSec end point is HSRP VIP hosted on the HSRP active router).Despite the fact it is not stateful (not sup...
We have tried upgrading from Cisco AnyConnect 4.10.07073 to Secure Client 5.1.1.42 with NAM connecting to wired and wireless networks.After the upgrade NAM fails to acquire the IP address from the phone.Connecting to enterprise EAP SSIDs and other us...
Hello,FTD's 2110 at 7.3.1.1.I have two datacenters running that code on 2110s. They have the same configuration for the most part and the same size fiber internet 500 Mbps circuit. Coming in on VPN1, running a speed test from my home connection is ab...
Hello,In the AnyConnect client under the "Scan Summary" tab, it shows the names of the posture checks as they are defined in ISE. Is there a log on the workstation that will actually show WHAT those items in the Scan Summary are actually looking at?
Hello everyone,I have a CISCO ASA 5555-X configured in multi-context mode and I want to monitor it via SNMP.However, I can't find the MIB files for this device.How can I get them?I don't have access to ftp://ftp.cisco.com/pub/mibs/supportlists/asa/as...
I have a weird situation I need to connect to two sepaate VPN (not at the same time).One of these requires Cisco Secure Client 5.x the second works with Any Connect 4.x.I have Cisco Secure Client 5.x installed, if i try connecting to the VPN that use...
After starting anyconnect I find network connectivity stops working under WSL2 (Windows Substem for Linux)the fix seems to be: Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 400...
Hello, as part of my preparation for CCNA Security I've been making up my own topologies and configuring them, however, I need a little help with this one. In the topology (included .pka), I configured VLANs, Port Security, OSPF, OSPF Authentication ...
Hi, Requirement is to enable dot1x wired authentication/authorization for Intune registered devices. There is only Azure AD and Intune. There is NO On premise component (no on premise/traditional AD, or ADCS) According to the following link, we need ...
The configuration below is an IBNS2.0-based config that puts all access-mode switch interfaces into an authorized state, with no MAB or 802.1x needed, to pull device-sensor information and ship it to ISE for profiling unintrusively. It is a nice...
Hey allI have a Firepower 1010, I need to disable the SIP ALG on it, I have access to the Web Client and Telenet access to make changes, can someone give me an easy way to make these changes, I don't have the ASA Software that could access with.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: