Hello everyone, I'm currently troubleshooting AnyConnect SAML SSO via Azure. Below are some details about the environment and current troubleshooting steps that have been taken so far. The goal is to have users authenticate with their Entra credentia...
Running Window 10 fully patched and I've installed Secure Client on a bunch of our users machines. Things seems to work for the most part, but there is an annoying behavior that I can't seem to find the cause of. Randomly, multiple times a day, the S...
New features, enhancements, and other improvementsNow in public preview: Duo Mobile with time-based one-time passcodes (TOTP)Now in public preview: Require user verification with PIN or biometric for WebAuthn roaming authenticatorsNow in public previ...
We are, and have been seeing what I am interpreting as password spray attacks when viewing the VPN "Troubleshooting" logs within FMC. We do have webvpn enabled and are using DUO as MFA. We have configured only specific users within one AD group to be...
I'm wondering if there is a way to remove ALL network-objects from an network object-group with one command. I figured the easiest way to do this is to negate the object-group and re-create it. If the object-group is used on a ACL it is not possibl...
The scenario is that all traffic ingesting to flow sensor is north-south, and all hosts are NATed by public IPs. Currently, there is no east-west traffic. However, if east-west traffic were to ingest, would the hosts be visible as endpoints or networ...
Hello community,inside of our network we use DNS forwardes pointed to Cisco Umbrella DNS servers.Software using these forwarders is generating events about failed PTR DNS lookups with string "DNS temporarily down".Connection to outside is managed by ...
How to I use the Real-Time Log Viewer in ASDM to search for XXX.XXX.XXX.1 and it not show XXX.XXX.XXX.123, for example? I want to see only the IP ending in .1, NOT the ones ending in .12, .11, .134, .150, etc.I have tried adding quotes, as in "XXX.XX...
All, I am trying to get EAP-TLS working on an Ubuntu Linux machine. The system is controlled by Centrify and Centrify has pushed out a certificate, private key and chain file to the machine. I am attempting to use the wpa_supplicant with the foll...
Has anyone else ever had someone's Cisco Secure Umbrella Client switch to filtering as the device local admin account instead of these user? Hre is what I have seen occur at least 3 times now.WE have a user who is in a policy that allows social media...
I have two Firepowers in two remote offices and i have two ISPs in each office, i had configured vti ipsec vpn between two offices but they are working with static routes, can i configure dynamic routing protocols for failover vpn? I tried to configu...
Set person being visited from a pull-down list of usersSet person being visited from a list of department and usersStatically Assign an Email Address for the Sponsor This document shows you how to enable your guests to choose from a list of sponsor...
Hi I am deploying over 900 FTD 1120 to Cisco CDO and cdFMC, doing the configuration of the device inside the cdFMC i am applying a health policy, platform settings and add the device to a device group. To my understanding of the API, you need to sp...
Hi colleagues, I have the following issue, I'm migrating from cisco ASA5510 to FRP1010e managed via FDM. The configuration is simple and I moved it to the new device(FRP1010e). I have configured one interface for OUTSIDE with public address and VLAN ...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: