Working on a pair of 2130s in HA that have the URL filtering license and there is also an SSL Policy in place. YouTube isn't blocked, but there is 1 particular video that when trying to view it you get the following error: The same URL when on a co...
We are moving from Zscaler to Umbrella and use Canon Uniflow for the printers.The printers worked fine before Umbrella but can not print anymore since moving to Umbrella.There is only default policy enabled for the tunnels from sdwan routers to Umbre...
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
I have a DMVPN network with 4331 hub routers. Our HQ in Memphis has a hub on AT&T, and another on Lumen. Our New York hub is also a Lumen connection. All are 500Mb up/down. We have about 35 spokes around the US that peer to all 3 routers. BGP is the ...
Hi,FTD was added and to FMC and while configuring HA in FMC, deleted FTD from FMC.While trying to add again to same FMC, both primary and secondary FTD not getting registered in FMC.Could you please help on getting the FTD registered with FMC.
Just recently, our Windows Logon duo integration has been challenging users for 2FA every time they log in, even if it's just unlocking a session they just locked. We've changed no policies in DUO or GPO. Thinking it was maybe a software version thin...
What is best practice when it comes to AD connector(s)?If we were to have TWO AD connectors, is there a way to have it only fail over to the other connector if the active one went down? Rather than adding an additional connector on a separate server ...
Hello, we recently had our cert for our VPN expire without notification via alert message. I've done some research in the FMC but can't find anything that monitors certificate expiration dates. A google search points toward REST API's of course but t...
Hi, I'm looking at deploying BGP on an FTD Active/Standby HA pair (FTDs are 4215 hardware running 7.2) to enable routes to be controlled by neighbouring routers rather than relying on 100s of static routes on the FTDs. I was wondering if anyone could...
We have two ISE ecosystems different and isolated (2.7 and 3.2)I must migrate guest accounts from one system to the other one.On 2.7 we have two sponsorportals and so it is on 3.2.I managed to retrieve captive portal users through a python script of ...
Hello,A client is trying to SSH through the HTTP proxy (WSA), it works but the response times are huge.ssh_args = -C -o "ProxyCommand=nc -X connect -x proxy-http:8080 %h %p"It serves its purpose. HTTP proxy isn't designed for that, but has anyone tri...
Question, attempting to help a customer with the new S196 and we have found that the new S196 doesn't appear have the WSA-L4TM-LIC license like the old S195 did. Is this feature now included in the new Subscription license? Thanks, Seth
Hey allI have a Firepower 1010, I need to disable the SIP ALG on it, I have access to the Web Client and Telenet access to make changes, can someone give me an easy way to make these changes, I don't have the ASA Software that could access with.
Hi Guys,We're having some issues since deploying the AnyConnect VPN with users reporting poor call quality and packet loss on Microsoft Teams and over Skype both audio and video calls?Is there anything we can try or tweak on our ASA and AnyConnect se...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: