Activity in Security
IPSec VPN Tunnel Lan-to-Lan decrypt count zero
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
Resolved! Cisco Firepower Malware signature
Hi there,Is Cisco Firepower have a Database for malware signature?When i check TECSEC-2599.pdf p77, the information is: FTD will first calculation the sha, and than send to FMC and FMC will check the Reputation from AMP Cloud.But i got another inform...
AnyConnect Speed Issues
Hello,FTD's 2110 at 7.3.1.1.I have two datacenters running that code on 2110s. They have the same configuration for the most part and the same size fiber internet 500 Mbps circuit. Coming in on VPN1, running a speed test from my home connection is ab...
Site-to-Site IPSec with VTI - Initial delay up to 60 seconds
Hello,I have an IKEv2 Site-to-Site IPSec tunnel (VTI with static routing) between ASA firewall and 2 stateless HA routers configured with HSRP (IPSec end point is HSRP VIP hosted on the HSRP active router).Despite the fact it is not stateful (not sup...
Setting UP a SECOND ASA5506-x firewall
Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It ment...
FMC displays old release even if the patch installation was successful
Hello everybody,our customer has FMCv rel. 7.2.5.1 and two Firepower 1120 in a HA running rel. 7.2.5.I have installed the FTD patch to rel. 7.2.5.1 successfully but the release that the FMCindicates is still 7.2.5 (see attached screen dump).Do you ha...
Problems with SNMP on the ASA 5555-X
Hello everyone,I have a CISCO ASA 5555-X configured in multi-context mode and I want to monitor it via SNMP.However, I can't find the MIB files for this device.How can I get them?I don't have access to ftp://ftp.cisco.com/pub/mibs/supportlists/asa/as...
Resolved! Is this possible: Static MAC Entry skipping 802.1x authentication
C1000-24P-4G-L (15.2.7E10)Like the title suggests this is what I want the switch to do:Depending on what device I connect I want it to either do thenormal 802.1x authentication (workstation / VLAN 10) by the radius server.but if it is a device with a...
Recommended logs that should be sent to IBM QRADAR SIEM from ESA
Any thoughts on recommended logs that should be sent to QRADAR SIEM ? what subscriptions should be configured ?
Cisco AnyConnect Umbrella Roaming Security Module
Hi,So was reading up a lot on the difference between the Cisco Anyconnect Roaming Module vs the Umbrella Roaming,Its clear that best practice is the Cisco anyconnect option as UR is EOL in a few months, so we recently deployed the new client company ...
ISE 3.2 Repeat Count Details
Hi,on ISE 2.4 in the live logs pages the report that one got clicking on the repeat counter was very useful because the endpoints were sorted by repeat counters. So it was very easy to find the endpoints with high repeated counters.With ISE 3.2 the r...
Allow ISE captive portal DNS entry on outside DNS.
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
Secure Client 5.1.1.42 with NAM and tethering to iPhone iOS 17.2.1
We have tried upgrading from Cisco AnyConnect 4.10.07073 to Secure Client 5.1.1.42 with NAM connecting to wired and wireless networks.After the upgrade NAM fails to acquire the IP address from the phone.Connecting to enterprise EAP SSIDs and other us...
Posture Logs
Hello,In the AnyConnect client under the "Scan Summary" tab, it shows the names of the posture checks as they are defined in ISE. Is there a log on the workstation that will actually show WHAT those items in the Scan Summary are actually looking at?
Installing Secure Client (5.x) AND Any Connect (4.x) on 1 computer
I have a weird situation I need to connect to two sepaate VPN (not at the same time).One of these requires Cisco Secure Client 5.x the second works with Any Connect 4.x.I have Cisco Secure Client 5.x installed, if i try connecting to the VPN that use...
| User | Helpful Count |
|---|---|
| 43 | |
| 43 | |
| 33 | |
| 22 | |
| 19 |
