Hi all;After conducting extensive investigations, during which I delved into various topics and related notes, deepening my understanding of the issue, I discovered that I couldn't implement SCEP with an External CA for BYOD scenarios due to a known ...
Hello community, what is the best practice to use SMTP authentication ? If we have smtp authentication on mail server is it a good practice to switch it to Cisco ESA ? I can`t find, what is the mail flow when user is using smtp authentication on Cis...
Hello, I am using Cisco Anyconnect to connect to VPN. The system is using Duo Desktop for device health. It is already installed, running and all the checks are ok. However, I am getting this error message and not able to proceed: Install Duo Desktop...
Hello,I have a problem with applying policies from CiscoISE 3.2 on switch C3750. It simply doesn't stop the unauthenticated users from logging in to switch, nor it prevent commands that are forbidden by the created policy. In Live Logs I can see that...
Hi, Does anyone know if we need something special on our CCO account in order to use the Secure Firewall Migration Tool? I have installed it, and as soon as I run it, it opens a browser and asks me to authenticate. Afterwards, I got a message saying...
Uploaded the Trusted CA Root certificate to the "Trust Store" in the SMC. Then I generated a CSR from the SMC "Additional SSL/TLS Client Identities" and signed it by the CA server "Windows server", but when I upload the new signed certificate and cli...
Hello, Good Day, Seeking help from you guys, currently I`m configuring Site to Site VPN connection from Cisco Firepower 2130 to AWS. I`m using the download configuration from AWS which is Cisco ASA 5500 9.X file, and I`m using Cisco Firepower 2130 ...
Hello everyone, Does anyone know the attributes to configure to make the CoA type reauth work on an Aruba 2530 switch (16.11)? I managed to make the CoA Disconnect and port bounce working but I don't have the solution for reauth and I need it for pro...
Hello! I'm trying to log in Cisco ISE, but it says: "Password is expired. Please reset your admin password." I tried to log in with ssh, it says: WARNING: Your password has expired.You must change your password now and login again!Changing password ...
Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It ment...
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
Hello It's been a while since I have had to deal with an ISE Portal issue. Today was a struggle to get Android devices to not complain when trying to connect to a simple ISE Hotspot Portal. It was surprising to me that Windows and Apple iOS devices...
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
Hello all, We have ISE with DNA Center merged. We have a requirement to limit/control the number of users that are allowed to login to DNAC at anyone time. Most Cisco devices can control this but is there a way to do this via ISE RADIUS/TACACS+? I ca...
Hi, Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't? I have several devices not sending the anti-malware attrib...