Activity in Security
ISE CoA Reauth for Aruba 2530
Hello everyone, Does anyone know the attributes to configure to make the CoA type reauth work on an Aruba 2530 switch (16.11)? I managed to make the CoA Disconnect and port bounce working but I don't have the solution for reauth and I need it for pro...
Resolved! Cisco ISE
Hello! I'm trying to log in Cisco ISE, but it says: "Password is expired. Please reset your admin password." I tried to log in with ssh, it says: WARNING: Your password has expired.You must change your password now and login again!Changing password ...
Setting UP a SECOND ASA5506-x firewall
Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It ment...
Allow ISE captive portal DNS entry on outside DNS.
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
Portals with wildcard certificates do not work with Android 10+
Hello It's been a while since I have had to deal with an ISE Portal issue. Today was a struggle to get Android devices to not complain when trying to connect to a simple ISE Hotspot Portal. It was surprising to me that Windows and Apple iOS devices...
Lock AnyConnect profile to specific certificate
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
Limit the number of concurrent logins to DNAC
Hello all, We have ISE with DNA Center merged. We have a requirement to limit/control the number of users that are allowed to login to DNAC at anyone time. Most Cisco devices can control this but is there a way to do this via ISE RADIUS/TACACS+? I ca...
Anyconnect (Secureclient) 5.x issues with posture - No attributes sent
Hi, Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't? I have several devices not sending the anti-malware attrib...
Allowing Signal Desktop App through Cisco WSA proxy
Hello everyone,I have a Cisco Secure Web Appliance S300V for my company's proxy server. We have been recently directed to utilize the Signal Desktop App for communication and unfortunately I have run into every issue while getting this to work. The Q...
Renewall of Admin Certificate
I have to renew the admin certificate in a pair of ISE nodes (Prim / Sec) on Version 3.2.0.542 Patch 4. Currently both devices have the same admin cert that expires in little over 3 weeks. All the names and IPs in this thread are placeholders. I gene...
Capability Overview: XDR Automation
Join us as our experts walk you through an overview and demonstration of XDR Automation and its primary components. Cisco XDR Automation can accelerate and enhance the way your organization detects, investigates and responds to threats in your envir...
Configuring MFA Using Cisco ISE and Microsoft Azure MFA
Using Microsoft Azure MFA for multifactor authentication within Cisco ISE.
Getting Started with Umbrella DNS Security
Join us as our experts explore Umbrella DNS Security. Participants will receive an overview of DNS layer security and Umbrella's scalability and security enforcement. They will also discover a variety of features that can be enabled with Umbrella's ...
Resolved! open ssh 9.3 multiple vulnerability in cisco sma
Hi folks recently our audit team have scanned our WSA and SMA for VApt and they have found that wsa(asyncos 14.5) and SMA (15.0) is having openssh version prior to 9.3 and should be upgraded .IS it possible to upgrade openssh alone? i searched docume...
" Propagate untrusted server certificates to clients " option on FTD
On Firepower Threat Defense, there is an option in the Advanced Setting of SSL policy called " Propagate untrusted server certificates to clients "This option applies only to traffic matching a Decrypt - Resign rule action.What does this option mean...
| User | Helpful Count |
|---|---|
| 51 | |
| 43 | |
| 34 | |
| 22 | |
| 21 |
