Hello, we recently had our cert for our VPN expire without notification via alert message. I've done some research in the FMC but can't find anything that monitors certificate expiration dates. A google search points toward REST API's of course but t...
What is best practice when it comes to AD connector(s)?If we were to have TWO AD connectors, is there a way to have it only fail over to the other connector if the active one went down? Rather than adding an additional connector on a separate server ...
Hi, I'm looking at deploying BGP on an FTD Active/Standby HA pair (FTDs are 4215 hardware running 7.2) to enable routes to be controlled by neighbouring routers rather than relying on 100s of static routes on the FTDs. I was wondering if anyone could...
We have two ISE ecosystems different and isolated (2.7 and 3.2)I must migrate guest accounts from one system to the other one.On 2.7 we have two sponsorportals and so it is on 3.2.I managed to retrieve captive portal users through a python script of ...
Hello,A client is trying to SSH through the HTTP proxy (WSA), it works but the response times are huge.ssh_args = -C -o "ProxyCommand=nc -X connect -x proxy-http:8080 %h %p"It serves its purpose. HTTP proxy isn't designed for that, but has anyone tri...
Question, attempting to help a customer with the new S196 and we have found that the new S196 doesn't appear have the WSA-L4TM-LIC license like the old S195 did. Is this feature now included in the new Subscription license? Thanks, Seth
Hey allI have a Firepower 1010, I need to disable the SIP ALG on it, I have access to the Web Client and Telenet access to make changes, can someone give me an easy way to make these changes, I don't have the ASA Software that could access with.
Hi Guys,We're having some issues since deploying the AnyConnect VPN with users reporting poor call quality and packet loss on Microsoft Teams and over Skype both audio and video calls?Is there anything we can try or tweak on our ASA and AnyConnect se...
I want my VPN users on a Cisco ASA to authenticate against ISE but use Azure AD for MFA on the backend. So far, it seems there are three ways to do this. My requirements are that I must use AnyConnect and ISE. Setup Azure AD as External Radius Server...
We are trying to block few public ips in zone-based firewall. What typically in zone-based firewall, we can control based on protocol. Can we add an access list to be filtered in zone-based firewall policy map?
I have a DMVPN network with 4331 hub routers. Our HQ in Memphis has a hub on AT&T, and another on Lumen. Our New York hub is also a Lumen connection. All are 500Mb up/down. We have about 35 spokes around the US that peer to all 3 routers. BGP is the ...
hello all ,recently i tried to configure VPN site to site with certificate authentication type, i got the certificate signed by a third party autority , and when i did the debugs i got this log :CRYPTO_PKI: bitValue of KEY_USAGE = a0PKI[7]: CRYPTO_PK...
I need to upgrade AnyConnect 4.10 because it is EOS on 3/31/24. The replacement product is Secure Client 5.x. Currently, users only have DART and NAM installed on their computers.1. Do I need to uninstall AnyConnect 4.10 or is that automatically do...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: