I have two Firepowers in two remote offices and i have two ISPs in each office, i had configured vti ipsec vpn between two offices but they are working with static routes, can i configure dynamic routing protocols for failover vpn? I tried to configu...
Hello community, we have HW cisco with HW Threat grid integration. The problem that we have is when the file is send for analysis the message is quarantined in File quarantine. I checked that the Threat grid needs 5-10 min to finish the analysis, af...
I would like to upgrade FMC, due to this upgrade I would like to create ticket support on Cisco Portal. In the portal it requests me provide "Product Seri Number or VLN" Please guide me how can I get these information in my FMC server
Hello I want to implement ISE in a network. Right now I want device administration TACACS to use, moreover; I want perpetual licenses.Do I need R-ISE-VMC-K9= License?Do I need a Device administration license (L-ISE-TACACS-ND=)?OR do I need both?I hav...
Is it possible for the FMC to run a report to indicate what rules are inactive/disabled? What about reporting what objects are not being used?I know beside various items there is a "report" icon, or "export to csv" but this isn't giving me the info I...
HelloWe've successfully enabled the ISE Guest Portal on our WLC, and it works well with PCs until we apply explicit proxy settings. After configuring the proxy, the guest portal no longer appears; instead, the PC tries to access the proxy server, byp...
So, I'm task with finding if anyone else search or connected to a specific URL in the last 30 days. Does any know if FMC have a way of searching this or generating a report. I have only found ways to create a rule to log it go forward not from the pa...
hello all ,recently i tried to configure VPN site to site with certificate authentication type, i got the certificate signed by a third party autority , and when i did the debugs i got this log :CRYPTO_PKI: bitValue of KEY_USAGE = a0PKI[7]: CRYPTO_PK...
We are migrating from our Older Cisco ASA Firewalls to Cisco FTD 2140's. We currently are using WCCP on the ASA's for Transparent Proxy with our WSA Virtual Appliance under VMWare. I was just going to migrate WCCP Configurations to the FTD 2140's w...
Hello,I have a question about migrating a IPSec tunnel from between a Cisco C981F-k9 and a Cisco ASA firewall to a tunnel from the same Cisco C981F-k9 router to a Fortigate firewall. What is the 'best' way to migrate this tunnel?Currently I have conf...
We are looking at moving to SSO but need to be able to include all the groups a user is a member of. Is it possible to pull this from AD and include it in SAML claims?Ideally we would want to manage this in a single place (AD) so if we added a new gr...
Hello Dears, I have a little bit weird issue never faced it before, for the sake of testing for a client & to stay out of production impact, in addition to client confidentiality i had to simulate his environment base configuration to start Tshoot...
Hey guys, VPN on Firepower authenticating on ISE -> OK VPN on Firepower authenticating on Duo -> OK VPN on Firepower authenticating on ISE calling external Radius (Duo) for MFA -> NOK Duo's auth proxy logging shows: "20): Cannot decode password usi...
Hello,I've been planning to role out dot1x on my network. However, the network consists of NXServers in the DC with thin clients that connect back them at user desks.As I think about it, how would dot1x work in this environment? Connecting a PC to a ...
Can anyone help me out with this. I've got Switches setup in ISE to use TACACS to authenticate the logins. I'm looking to setup DOT1X on the ports, along with MAB. I have the config in ISE set but i'm trying to determine exactly how to setup the s...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: