If I am configuring an IKEv1 IPSEC site-to-site VPN with an FTD device running 7.4.1 managed by the FMC and it is policy based, not route based, does the system ACL applied to the device also control the traffic across the tunnel? If so, then what Zo...
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE". I ran packet-tracer icmp between pe...
I want my VPN users on a Cisco ASA to authenticate against ISE but use Azure AD for MFA on the backend. So far, it seems there are three ways to do this. My requirements are that I must use AnyConnect and ISE. Setup Azure AD as External Radius Server...
Has anyone created a static route on the FTD sensor via the CLI? Mine looks like it goes through, but when I FDM into it, I do not see them. Any advice will be appreciated. Thanks.
I am trying to figure out the best way to give a VA access to certain accounts without giving her the login info. My thought is to share passwords via LastPass (or other password manager), but not so the password shows. For 2FA, use a bypass code...
Hi Guys, Tried to perform the reimage of the Cisco 5525-x firepower module to 6.0.0 but failed. I've set up the ftp server (filezilla) and uploaded the boot image to disk0 partition without any issue, however, perform system image ftp://username:passwo...
Hello, We are having ISE for EAP/TACACS authentication, hosted internally in our datacenter. Now we have configured a BYOD captive portal that is tied to Azure SAML authentication; the current captive portal redirect URL from ISE has prepended the node ...
Hi all, We had a WSA appliance and we are migrating the appliance to a virtual environment. We have configured the new WSA and tested it and it's working fine, and now we are planning to move it to live, so we are planning to change the data IP of the new virtual WSA to the...
Dear Team, I have downloaded the vfmc for esxi 7.4.X and 7.3X but I cannot deploy in VMware; after deployment it returns "operating system not found". Any idea? Regards
Hi, I am trying to configure TACACS+ on our SSM On-Prem server so that I am able to log in on the web interface with my AD user. The TACACS+ configuration is done in Clearpass. And the test in the configuration window on the SSM server was successful. Bu...
I have a weird situation: I need to connect to two separate VPNs (not at the same time). One of these requires Cisco Secure Client 5.x, the second works with Any Connect 4.x. I have Cisco Secure Client 5.x installed; if I try connecting to the VPN that use...
How long will a message be available in the message tracking on the SMA? I cannot seem to find any information pertaining to this on Cisco's website. Thanks!
Hello, I have an IKEv2 Site-to-Site IPSec tunnel (VTI with static routing) between ASA firewall and 2 stateless HA routers configured with HSRP (IPSec end point is HSRP VIP hosted on the HSRP active router). Despite the fact it is not stateful (not sup...
Hi, on ISE 2.4 in the live logs page the report that one got by clicking on the repeat counter was very useful because the endpoints were sorted by repeat counters. So it was very easy to find the endpoints with high repeat counters. With ISE 3.2 the r...