Hey allI have a Firepower 1010, I need to disable the SIP ALG on it, I have access to the Web Client and Telenet access to make changes, can someone give me an easy way to make these changes, I don't have the ASA Software that could access with.
Hi, I'm looking at deploying BGP on an FTD Active/Standby HA pair (FTDs are 4215 hardware running 7.2) to enable routes to be controlled by neighbouring routers rather than relying on 100s of static routes on the FTDs. I was wondering if anyone could...
I want my VPN users on a Cisco ASA to authenticate against ISE but use Azure AD for MFA on the backend. So far, it seems there are three ways to do this. My requirements are that I must use AnyConnect and ISE. Setup Azure AD as External Radius Server...
We are trying to block few public ips in zone-based firewall. What typically in zone-based firewall, we can control based on protocol. Can we add an access list to be filtered in zone-based firewall policy map?
I have a DMVPN network with 4331 hub routers. Our HQ in Memphis has a hub on AT&T, and another on Lumen. Our New York hub is also a Lumen connection. All are 500Mb up/down. We have about 35 spokes around the US that peer to all 3 routers. BGP is the ...
hello all ,recently i tried to configure VPN site to site with certificate authentication type, i got the certificate signed by a third party autority , and when i did the debugs i got this log :CRYPTO_PKI: bitValue of KEY_USAGE = a0PKI[7]: CRYPTO_PK...
I need to upgrade AnyConnect 4.10 because it is EOS on 3/31/24. The replacement product is Secure Client 5.x. Currently, users only have DART and NAM installed on their computers.1. Do I need to uninstall AnyConnect 4.10 or is that automatically do...
I have just started using Secure Client Posture on my windows workstations. All but 2 work fine. The two are using the IP of the ISE instead of the FQDN. All systems have the same ISEPostureCFG.xml files on them. If I disable the network connectio...
Hello,A client is trying to SSH through the HTTP proxy (WSA), it works but the response times are huge.ssh_args = -C -o "ProxyCommand=nc -X connect -x proxy-http:8080 %h %p"It serves its purpose. HTTP proxy isn't designed for that, but has anyone tri...
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
Hi,on ISE 2.4 in the live logs pages the report that one got clicking on the repeat counter was very useful because the endpoints were sorted by repeat counters. So it was very easy to find the endpoints with high repeated counters.With ISE 3.2 the r...
Hi,FTD was added and to FMC and while configuring HA in FMC, deleted FTD from FMC.While trying to add again to same FMC, both primary and secondary FTD not getting registered in FMC.Could you please help on getting the FTD registered with FMC.
Hellocould you please share the solution for showing dropped packet from internet to inside lan ? i have FTD 4100 series managed by fmc I want to see output from cli or fmc related to nat transactions packet(dropped and passed) both.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: