Activity in Security
SSM ON-Prem TACACS+ and Clearpass
Hi,I am trying to configure TACACS+ on our SSM On-Prem server so that I am able to login on the Webinterface with my AD user. The TACACS+ configuration is done in Clearpass. And the test in the configuration window on the SSM server was successful.Bu...
Mitel - DHCP Discovery
Hi, I have a Mitel 5312 phone plugged into a switchport configured for ISE but when it boots up it gets stuck on DHCP Discovery. If I put the port to authentication open then it goes through and boots up as normal.The logs all look ok but I can't see...
Brute force attacks towards ASA
Hi! The last weeks it has been a big increase of brute force attempts from all over the world to our Cisco ASAs. We use two factors, so we're not to afraid that they will actually access any of our accounts, but the problem is that they manage to blo...
Cisco Secure Client CVE-2024-20337
Following upgrading to upgrading to 5.1.2.42 to fix the vulnerability CVE-2024-20337Within Microsoft Defender this is still flagged as vulnerability for the CVEIt appears to refer to a component of the install:C:\Program Files (x86)\Cisco\Cisco Secur...
Cisco advsecurity and SecurityK9 license transfer.
Hi all, I have a bit of an issue where I work in that we have a number of very old series 800 routers with either an advsecurity license or a securityk9 license installed, I don't have the smart accounts for any of these (before my time) and I am now...
Trustsec Network Authorization not Working
Hi All,I am newly building trustsec in my environment,trying to add one of the switch under trustsec. Have configured Trustsec settings and COA on the ISE for the switch and added the appropriate aaa commands , radius servers and cts commands.But sti...
PXGrid 2.0 High Availability - Primary Pan Outage
I have an EVE-NG lab that consists of a Panorama, 1 FW, and 4 ISE nodes (see lab.jpg attached). The Lab ISE nodes are running 3.2 patch 5 and panorama and Firewall is running 10.2.7-h3. In reading the 3.2 and 3.1 admin guides they both state in the...
Configure Advanced Options for BGP on FTD
The Cisco Document Team has posted an article. This document describes the options of Border Gateway Protocol (BGP) to manipulate the Path Selection when multiple paths lead to the same Know of something that needs documenting?...
Azure SAML SSO Certificate Error, Firepower 1010
Hi, We are trying to implement Azure SAML SSO on our Firepower 1010. We are using ASA 9.19.1 and Secure client 5.0.02075. When we try the login via Azure by clicking the "Test this applicaton" the login works and there are no errors in the logs. The ...
FMC IP fragmentation to no fragmentation settings can couse outage?
Hello everyone, I have the following issue:The customer would like to disable FMC packet fragmentation globally. According to the Cisco documentation it is quite straightforward.Source chapter: Fragment SettingsCisco Secure Firewall Management Center...
CiscoISE policy applying on switch problem
Hello,I have a problem with applying policies from CiscoISE 3.2 on switch C3750. It simply doesn't stop the unauthenticated users from logging in to switch, nor it prevent commands that are forbidden by the created policy. In Live Logs I can see that...
FDM DHCP Relay
HelloWe have Cisco 1140 with FDM Management, version is 7.2.5. How do I need to configure DHCP Relay? Because I did all configuration, but int not working
Resolved! open ssh 9.3 multiple vulnerability in cisco sma
Hi folks recently our audit team have scanned our WSA and SMA for VApt and they have found that wsa(asyncos 14.5) and SMA (15.0) is having openssh version prior to 9.3 and should be upgraded .IS it possible to upgrade openssh alone? i searched docume...
Lock AnyConnect profile to specific certificate
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
ISE CoA Reauth for Aruba 2530
Hello everyone, Does anyone know the attributes to configure to make the CoA type reauth work on an Aruba 2530 switch (16.11)? I managed to make the CoA Disconnect and port bounce working but I don't have the solution for reauth and I need it for pro...
| User | Helpful Count |
|---|---|
| 52 | |
| 44 | |
| 33 | |
| 23 | |
| 22 |
