Activity in Security
Lock AnyConnect profile to specific certificate
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
Limit the number of concurrent logins to DNAC
Hello all, We have ISE with DNA Center merged. We have a requirement to limit/control the number of users that are allowed to login to DNAC at anyone time. Most Cisco devices can control this but is there a way to do this via ISE RADIUS/TACACS+? I ca...
Anyconnect (Secureclient) 5.x issues with posture - No attributes sent
Hi, Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't? I have several devices not sending the anti-malware attrib...
Allowing Signal Desktop App through Cisco WSA proxy
Hello everyone,I have a Cisco Secure Web Appliance S300V for my company's proxy server. We have been recently directed to utilize the Signal Desktop App for communication and unfortunately I have run into every issue while getting this to work. The Q...
Renewall of Admin Certificate
I have to renew the admin certificate in a pair of ISE nodes (Prim / Sec) on Version 3.2.0.542 Patch 4. Currently both devices have the same admin cert that expires in little over 3 weeks. All the names and IPs in this thread are placeholders. I gene...
Capability Overview: XDR Automation
Join us as our experts walk you through an overview and demonstration of XDR Automation and its primary components. Cisco XDR Automation can accelerate and enhance the way your organization detects, investigates and responds to threats in your envir...
Configuring MFA Using Cisco ISE and Microsoft Azure MFA
Using Microsoft Azure MFA for multifactor authentication within Cisco ISE.
Getting Started with Umbrella DNS Security
Join us as our experts explore Umbrella DNS Security. Participants will receive an overview of DNS layer security and Umbrella's scalability and security enforcement. They will also discover a variety of features that can be enabled with Umbrella's ...
Resolved! open ssh 9.3 multiple vulnerability in cisco sma
Hi folks recently our audit team have scanned our WSA and SMA for VApt and they have found that wsa(asyncos 14.5) and SMA (15.0) is having openssh version prior to 9.3 and should be upgraded .IS it possible to upgrade openssh alone? i searched docume...
" Propagate untrusted server certificates to clients " option on FTD
On Firepower Threat Defense, there is an option in the Advanced Setting of SSL policy called " Propagate untrusted server certificates to clients "This option applies only to traffic matching a Decrypt - Resign rule action.What does this option mean...
PXGrid 2.0 High Availability - Primary Pan Outage
I have an EVE-NG lab that consists of a Panorama, 1 FW, and 4 ISE nodes (see lab.jpg attached). The Lab ISE nodes are running 3.2 patch 5 and panorama and Firewall is running 10.2.7-h3. In reading the 3.2 and 3.1 admin guides they both state in the...
Resolved! Need expert help with Firepower intervlan routing
(FP)Firepower 1000 has routed sub-interfaces as shown in diagram. HostA is able to ping HostB, and vice-versa. FP Vlan20 responds to ping request from HostA. FP Vlan30 responds to ping request from HostB. All works with the following exception, FP Vl...
Authenticating pre-imaged computers on NAC enabled ports
Good morning, we're currently in the process of deploying NAC on all our Wired ethernet ports. So far the process is going smoothly albeit we are having to leave some ports in open authentication state to allow for imaging of new computers by our en...
Cisco ISE 3.1 WLC Captive Portal - AUP Error Apple Devices
We are having an odd issue with newer versions of Iphone/IOS when try to access the ISE Guest Portal.The users start the CWA flow, connect to the SSID then gets an username and pass provided by cisco ISE, then login using the provided credentials and...
Users cannot connect due to Supplicant stopped responding to ISE error
Hello!I am seeing error for users when they sometime cannot connect to WIFISupplicant stopped responding to ISE during PEAP tunnel establishment (step latency=120000 ms Step latency=120000 ms)Open secure connection with TLS peerSupplicant stopped res...
| User | Helpful Count |
|---|---|
| 51 | |
| 43 | |
| 34 | |
| 22 | |
| 21 |
