Activity in Security
Site-to-site vpn failover causing memory spike in spoke sites
Hi All. I would like to get your thoughts on the following issue i have been facing since implementing Dual ISP and failover for site-to-site vpn tunnels.Hub Site:ASA5515 using 9.6(4)42Spoke sites:Cisco ISRs using 15.1(4)M8, using voip services over ...
Protecting non-VPN Users from Spray Attacks
I have a requirement for VPN with MFA for a subset of users, while protecting the other users from Spray attacks. Scenario: Customer is currently implementing VPN with MFA for a defined set of users (1/3 of staff)Most users do NOT have a requiremen...
ASA 9.14.4.24
ASA 9.14.4.24: https://software.cisco.com/download/home/284143129/type/280775065/release/9.14.4%20Interim
[CISCO ISE][12935 ] Supplicant stopped responding to ISE during EAP-TL
Hello Everyone, I am contacting you all because i don't seem to find the needed information to resolve my issues, even though there are many similar topic as mine with the same error.We have an infrastructure using FTD ASA5506 with switch CISCO WS-C2...
NAD config for 802.1x/MAB with ISE
Hello, I have seen in several places this commands as best practice. Are they still needed/helpful ? -epm logging-logging host <ISE_IP_address_x> transport udp port 20514-epm access-control open or access-session acl default passthrough -device class...
Secure connect keeps popping up or stealing focus repeatedly
Running Window 10 fully patched and I've installed Secure Client on a bunch of our users machines. Things seems to work for the most part, but there is an annoying behavior that I can't seem to find the cause of. Randomly, multiple times a day, the S...
Allow ISE captive portal DNS entry on outside DNS.
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
FTD's - Firepower dropping HTTPS traffic using TLS 1.3 Hybridized Kybe
HelloWe have a lot of clients getting the following error when contacting diffrent sites: ERR_SSL_PROTOCOL_ERROR, we have read that SonicWall and Palo Alto also have these problemes. Solution is to turn off "TLS 1.3 Hybridized Kyber Support" in chro...
upgrade process of firepower 2130
hello We have a old fire power that I have no idea how to upgrade. The actual device is a Cisco Firepower 2130 Threat Defense (77) Version 7.0.4 . Cisco Adaptive Security Appliance Software Version 9.16(3)18. and we have a FMC that is Cisco Firepower...
PXGrid 2.0 High Availability - Primary Pan Outage
I have an EVE-NG lab that consists of a Panorama, 1 FW, and 4 ISE nodes (see lab.jpg attached). The Lab ISE nodes are running 3.2 patch 5 and panorama and Firewall is running 10.2.7-h3. In reading the 3.2 and 3.1 admin guides they both state in the...
cannot get to privileged enable mode via console
After searching through other posts, my config seems OK but still strange behaviourasa 9.20 running on FPWR chasisI cannot get in enabled mode when connecting to ASA via console.It used to work but stopped after I played (disable and restore) with aa...
ISE CoA Reauth for Aruba 2530
Hello everyone, Does anyone know the attributes to configure to make the CoA type reauth work on an Aruba 2530 switch (16.11)? I managed to make the CoA Disconnect and port bounce working but I don't have the solution for reauth and I need it for pro...
Cisco WSA log shows 503 status code
Hi we have 2 WSA out of which one WSA is showing 503 error for a specific Site. When i tried nslookup in WSA for that site it shows the server returned no data(in both WSA).But the site is working in one WSA but not in the other and after 15 mins the...
Cisco Anyconnect "No Adapters"
Hello, we're running Cisco Anyconnect 4.2 NAC to connect to our VPN. I'm running into an issue where it's telling me that there are no network adapters. I've tried uninstalling/re-installing the network adapter drivers, Cisco NAC and I just can't get...
802.1x Cert Auth - What does the PSN Do with the Client Cert?
Please see the attached file. When a Windows client connects to the network and its supplicant is configured to send the computer certificate, what exactly is the PSN doing with this certificate? In the attached i have a use of Lab_dot1x_Certs (See...
| User | Helpful Count |
|---|---|
| 53 | |
| 50 | |
| 38 | |
| 27 | |
| 25 |
