Hi All. I would like to get your thoughts on the following issue i have been facing since implementing Dual ISP and failover for site-to-site vpn tunnels.Hub Site:ASA5515 using 9.6(4)42Spoke sites:Cisco ISRs using 15.1(4)M8, using voip services over ...
I have a requirement for VPN with MFA for a subset of users, while protecting the other users from Spray attacks. Scenario: Customer is currently implementing VPN with MFA for a defined set of users (1/3 of staff)Most users do NOT have a requiremen...
Hello Everyone, I am contacting you all because i don't seem to find the needed information to resolve my issues, even though there are many similar topic as mine with the same error.We have an infrastructure using FTD ASA5506 with switch CISCO WS-C2...
Hello, I have seen in several places this commands as best practice. Are they still needed/helpful ? -epm logging-logging host <ISE_IP_address_x> transport udp port 20514-epm access-control open or access-session acl default passthrough -device class...
Running Window 10 fully patched and I've installed Secure Client on a bunch of our users machines. Things seems to work for the most part, but there is an annoying behavior that I can't seem to find the cause of. Randomly, multiple times a day, the S...
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
HelloWe have a lot of clients getting the following error when contacting diffrent sites: ERR_SSL_PROTOCOL_ERROR, we have read that SonicWall and Palo Alto also have these problemes. Solution is to turn off "TLS 1.3 Hybridized Kyber Support" in chro...
hello We have a old fire power that I have no idea how to upgrade. The actual device is a Cisco Firepower 2130 Threat Defense (77) Version 7.0.4 . Cisco Adaptive Security Appliance Software Version 9.16(3)18. and we have a FMC that is Cisco Firepower...
I have an EVE-NG lab that consists of a Panorama, 1 FW, and 4 ISE nodes (see lab.jpg attached). The Lab ISE nodes are running 3.2 patch 5 and panorama and Firewall is running 10.2.7-h3. In reading the 3.2 and 3.1 admin guides they both state in the...
After searching through other posts, my config seems OK but still strange behaviourasa 9.20 running on FPWR chasisI cannot get in enabled mode when connecting to ASA via console.It used to work but stopped after I played (disable and restore) with aa...
Hello everyone, Does anyone know the attributes to configure to make the CoA type reauth work on an Aruba 2530 switch (16.11)? I managed to make the CoA Disconnect and port bounce working but I don't have the solution for reauth and I need it for pro...
Hi we have 2 WSA out of which one WSA is showing 503 error for a specific Site. When i tried nslookup in WSA for that site it shows the server returned no data(in both WSA).But the site is working in one WSA but not in the other and after 15 mins the...
Hello, we're running Cisco Anyconnect 4.2 NAC to connect to our VPN. I'm running into an issue where it's telling me that there are no network adapters. I've tried uninstalling/re-installing the network adapter drivers, Cisco NAC and I just can't get...
Please see the attached file. When a Windows client connects to the network and its supplicant is configured to send the computer certificate, what exactly is the PSN doing with this certificate? In the attached i have a use of Lab_dot1x_Certs (See...