Activity in Security
Resolved! Can FMC running in vsphere be migrated to AWS?
I plan to migrate a FMC running in vsphere to AWS. Initially I plan to: 1. Build the FMC in AWS as brand new; 2. Backup the existing FMC (running v7 already) and then restore the backup in AWS FMC; 3. Login to AWS FMC serial console to change the MGM...
How to capture dropped packet in ftd firewalll
Hellocould you please share the solution for showing dropped packet from internet to inside lan ? i have FTD 4100 series managed by fmc I want to see output from cli or fmc related to nat transactions packet(dropped and passed) both.
ISE Cert Question
HiDo I need to generate a CSR for a cert on ISE its a *cert or can I just add the cert to the ISE Nodes for Portal use.?? Thanks
Cisco Secure Client XML overwrite issue
Hello, any help appreciated.I am having issues when trying to assign a different group policy to a user where the group policy contains a different client profile (XML) to the one used to connect in the first instance. This is what I am trying to do....
Resolved! ISE admin Group AD users
I have created an external admin group in ISE, which is pointing to an AD group. There are several users in this AD group.Will all the users in this AD group gets ISE admin access or can it be restricted to few users.
Umbrella and Canon Uniflow
We are moving from Zscaler to Umbrella and use Canon Uniflow for the printers.The printers worked fine before Umbrella but can not print anymore since moving to Umbrella.There is only default policy enabled for the tunnels from sdwan routers to Umbre...
Cisco Firepower Access remote site-to-site subnet via Cisco Anyconnect
When a client connect to the HQ via AnyConnect vpn, they can access the HQ local subnet, but can´t access the subnet at the remote office, that has an site-to-site connection to the HQ.Can this be configuret via the Cisco Firepower gui?Cisco Firepowe...
Can ISE change a SSID name alias broadcast?
Cisco WLC 9800 is configured to broadcast a SSID alias as "Original_SSID", the WLC is configured with a ISE controller IP, but in the client computer we see the available SSID alias as "Other_SSID".We do not access to the ISE configuration, can the I...
Snort3 not recognising SMTP/S but Snort2 did/does !?
I'm in the process of updating all our FTD's from Snort2 to Snort3 & almost everything appears to work, except SMTP/S email.Under Snort2 it shows in event logs as SMTP/S Client traffic type correctly, but when Snort3 is enabled, it does not recognise...
permit ip ifc outside any any
We have FMC and FTD , In FMC we configured Blocked traffic ACCESS POLICY , but while checking in FTD(CLI) one more ACL( Ifc Outside any any allow) showing with same rule-id 26844160. any ideas how to find this ACL in FMCACL in FTD ========access-li...
Cannot add FTD to FMC after deleting it from FMC
Hi,FTD was added and to FMC and while configuring HA in FMC, deleted FTD from FMC.While trying to add again to same FMC, both primary and secondary FTD not getting registered in FMC.Could you please help on getting the FTD registered with FMC.
SSL VPN Encryption Type/s?
Hello,When configuring SSL VPN, the default encryption type is "ssl server-version tlsv1.2 dtlsv1.2", which only shows up with a "show run all". In that output, I can also see that "ssl cipher tlsv1.2 medium" and "ssl cipher dtlsv1.2 medium" are disp...
Cisco ASA AnyConnect Radius VPN user rx multiple 2FA request instantly
ive just implemented cisco duo for anyconnect on my asa. some users are experiencing getting multiple 2FA requests on their phones back to back instantly sometimes 3 request, my timeout is 60 secs set on the ASA and my max failed attempts is 3. is th...
Perform a Complete Reimage for FXOS in Firepower 4100 and 9300 Series
The Cisco Document Team has posted an article. This document describes how to reformat the entire system, erase the images, and return it to its factory default settings. Know of something that needs documenting? Share a new do...
Secure Client ISE 3.2 Posture failure
I have just started using Secure Client Posture on my windows workstations. All but 2 work fine. The two are using the IP of the ISE instead of the FQDN. All systems have the same ISEPostureCFG.xml files on them. If I disable the network connectio...
| User | Helpful Count |
|---|---|
| 43 | |
| 37 | |
| 33 | |
| 22 | |
| 19 |
