Context: I am currently testing a BYOD setup involving dual SSIDs using Cisco ISE 3.3 for mobile devices. The configuration process begins with an open SSID, followed by a secure SSID connection via TLS once the profile and certificate are retrieved ...
I have to renew the admin certificate in a pair of ISE nodes (Prim / Sec) on Version 3.2.0.542 Patch 4. Currently both devices have the same admin cert that expires in little over 3 weeks. All the names and IPs in this thread are placeholders. I gene...
Hi,So was reading up a lot on the difference between the Cisco Anyconnect Roaming Module vs the Umbrella Roaming,Its clear that best practice is the Cisco anyconnect option as UR is EOL in a few months, so we recently deployed the new client company ...
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
Hi there,Is Cisco Firepower have a Database for malware signature?When i check TECSEC-2599.pdf p77, the information is: FTD will first calculation the sha, and than send to FMC and FMC will check the Reputation from AMP Cloud.But i got another inform...
Hello,FTD's 2110 at 7.3.1.1.I have two datacenters running that code on 2110s. They have the same configuration for the most part and the same size fiber internet 500 Mbps circuit. Coming in on VPN1, running a speed test from my home connection is ab...
Hello,I have an IKEv2 Site-to-Site IPSec tunnel (VTI with static routing) between ASA firewall and 2 stateless HA routers configured with HSRP (IPSec end point is HSRP VIP hosted on the HSRP active router).Despite the fact it is not stateful (not sup...
Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It ment...
Hello everybody,our customer has FMCv rel. 7.2.5.1 and two Firepower 1120 in a HA running rel. 7.2.5.I have installed the FTD patch to rel. 7.2.5.1 successfully but the release that the FMCindicates is still 7.2.5 (see attached screen dump).Do you ha...
Hello everyone,I have a CISCO ASA 5555-X configured in multi-context mode and I want to monitor it via SNMP.However, I can't find the MIB files for this device.How can I get them?I don't have access to ftp://ftp.cisco.com/pub/mibs/supportlists/asa/as...
C1000-24P-4G-L (15.2.7E10)Like the title suggests this is what I want the switch to do:Depending on what device I connect I want it to either do thenormal 802.1x authentication (workstation / VLAN 10) by the radius server.but if it is a device with a...
Hi,on ISE 2.4 in the live logs pages the report that one got clicking on the repeat counter was very useful because the endpoints were sorted by repeat counters. So it was very easy to find the endpoints with high repeated counters.With ISE 3.2 the r...
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
We have tried upgrading from Cisco AnyConnect 4.10.07073 to Secure Client 5.1.1.42 with NAM connecting to wired and wireless networks.After the upgrade NAM fails to acquire the IP address from the phone.Connecting to enterprise EAP SSIDs and other us...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: