Activity in Security
Meraki Duo SSO through SAML
I'm tryign to set up Duo SSO for Meraki Client VPN, the knowledgebase seems out of date as it refers to choosing the Applciation Protect page when currently it's meant to use SAML. I have a few items I am not 100% sure where to get1) I think the enti...
DUO offline keeps looping
Hi. Our end-users suddenly has issue with DUO offline, it keeps on looping on the offline page. This only occurs on end-users who are on overseas or outside Singapore. Initially, they can log-in to their DUO, however after few days, they're already p...
Duo Desktop not recognized
Hello, I am using Cisco Anyconnect to connect to VPN. The system is using Duo Desktop for device health. It is already installed, running and all the checks are ok. However, I am getting this error message and not able to proceed: Install Duo Desktop...
Allow ISE captive portal DNS entry on outside DNS.
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
unknown IPs in FTD outbound logs
I am managing FTD-1120s with FMCv both running v7.2.1 software. In my ACP I have a GEO rule to block all outbound traffic to China, Russia, and I few other "hotspots". When I search for events that match this rule, most of the traffic is from inte...
Cisco Secure Client CVE-2024-20337
Following upgrading to upgrading to 5.1.2.42 to fix the vulnerability CVE-2024-20337Within Microsoft Defender this is still flagged as vulnerability for the CVEIt appears to refer to a component of the install:C:\Program Files (x86)\Cisco\Cisco Secur...
Resolved! ASA-AWS unable to ssh into new instance
This question has been asked a couple of other times, but no one has ever answered it. I am bringing up an AWS instance running the Cisco ASAv 9.9.2.1 application, but I am unable to ssh into the resulting instance.I am following the instructions pro...
802.1x Cert Auth - What does the PSN Do with the Client Cert?
Please see the attached file. When a Windows client connects to the network and its supplicant is configured to send the computer certificate, what exactly is the PSN doing with this certificate? In the attached i have a use of Lab_dot1x_Certs (See...
Cisco advsecurity and SecurityK9 license transfer.
Hi all, I have a bit of an issue where I work in that we have a number of very old series 800 routers with either an advsecurity license or a securityk9 license installed, I don't have the smart accounts for any of these (before my time) and I am now...
Resolved! ISE Failures - MAB instead of 802.1x
Hello, I've been struggling with an issue in our ISE deployment for months. Basically, we are trying to restrict wired network access for computers by looking for 802.1x and then authorizing if the CA issuer for the machine cert is our internal CA....
PBR on ASA to Interface Without Directly Connected Next Hop
I have an ASA on which I'm trying to use PBR to route to one of two ISPs which I'll call "slow" and "fast." The interface to the slow ISP is connected to a subnet on which the next-hop address is clearly in the subnet and it would count as "directly ...
Max number of licenses available for Cisco ISE
I'm speaking of Essentials/Advantage/Premier. We use on-prem SSM.is there way to know how many licenses Cisco ISE gets from the binding to a virtual account on Cisco SSM?The only piece of information is the consumed ones, like knowing how many you ar...
FMC IP fragmentation to no fragmentation settings can couse outage?
Hello everyone, I have the following issue:The customer would like to disable FMC packet fragmentation globally. According to the Cisco documentation it is quite straightforward.Source chapter: Fragment SettingsCisco Secure Firewall Management Center...
The operation took longer than expected.
I have just synchronized both Active Directory and Cisco ISE, ISE is using my server (AD) as an NTP server, everything is fine, but now I'm facing an issue "Status Summary: The operation took longer than expected. This may be caused by slow network c...
Cisco ISE integration with SCCM
Hi While Integrating ISE with SCCM 2012 based on below link, i am getting error related to DCOMhttps://community.cisco.com/t5/security-knowledge-base/how-to-integrate-cisco-ise-with-microsoft-sccm-for-patch/ta-p/3725035 Do any one having solution on ...
| User | Helpful Count |
|---|---|
| 52 | |
| 44 | |
| 35 | |
| 24 | |
| 22 |
