Activity in Security
Anyconnect (Secureclient) 5.x issues with posture - No attributes sent
Hi, Has anyone had issues where you are running FTD with AnyConnect (secureclient) with Posture (DAP) enabled and some computers are sending the attribute endpoint.am=xxx and others aren't? I have several devices not sending the anti-malware attrib...
Resolved! Lock AnyConnect profile to specific certificate
I have multiple AnyConnect connection profiles for various remote users that provide access to different internal networks. The authentication method needs to be certificate only, but there doesn't seem to be a way to prevent an issued certificate ho...
Resolved! Multiple Diffie Helfman Group In Phase 2 Cisco FMC-FTD
Hello, Is it possible on Cisco FTD managed by Cisco FMC define multiple DH Group in Phase2 ? From what i see it is just possible one. I tried put , but it doesnt accept. Also looking maybe for option to add thorugh flex config but didnt find any rel...
802.1x Cert Auth - What does the PSN Do with the Client Cert?
Please see the attached file. When a Windows client connects to the network and its supplicant is configured to send the computer certificate, what exactly is the PSN doing with this certificate? In the attached i have a use of Lab_dot1x_Certs (See...
FTD's - Firepower dropping HTTPS traffic using TLS 1.3 Hybridized Kybe
HelloWe have a lot of clients getting the following error when contacting diffrent sites: ERR_SSL_PROTOCOL_ERROR, we have read that SonicWall and Palo Alto also have these problemes. Solution is to turn off "TLS 1.3 Hybridized Kyber Support" in chro...
How to combine multiple ikev2 proposal in to single policy
Hi Team,Our Router having many ikev2 proposal, as per TAC suggestion we need to combine in to single policy. Please let me know for this activity any down time needed ?
VSOM Camera Error - Motion window is not configured on the camera
Hello, in VSOM, I have added a new Axis camera and created a new camera in the system and selected to replace the existing camera. It is working and recording but getting this error that will not clear: "Motion window is not configured on the camera....
FMC IP fragmentation to no fragmentation settings can couse outage?
Hello everyone, I have the following issue:The customer would like to disable FMC packet fragmentation globally. According to the Cisco documentation it is quite straightforward.Source chapter: Fragment SettingsCisco Secure Firewall Management Center...
Allow ISE captive portal DNS entry on outside DNS.
Hello,We are having ISE for EAP/TACACS authentication and, hosted internally in our datacenter.Now we have configured BYOD captive portal that tied to AZURE SAML authentication, the current captive portal redirect URL from ISE has prepended the node ...
Joining ISE to a Reversed DNS Zone
I have joined ISE on the same reversed zone as 50.168.192.in-addr.arpa (ise1.srvcore.local), but ISE have an address of 192.168.99.35.ISE could resolve and ping DNS domaine names on Windows Server and could PING its name "ise1.srvcore.local" and can ...
WSA
hello all, is it possible to access physical cisco WSA GUI without license ???
The operation took longer than expected.
I have just synchronized both Active Directory and Cisco ISE, ISE is using my server (AD) as an NTP server, everything is fine, but now I'm facing an issue "Status Summary: The operation took longer than expected. This may be caused by slow network c...
How to delete a previous joined ise node from Cisco ISE Node?
I did join ise1 as a join point on Cisco ISE GUI, and then deleted it, but now I want to rejoin it, but an error message showed up telling me that : "Resource with this name is already configured in DataBase."======> How to definitly delete it ? and...
ISE Posture Patch Mgmt Windows Update Agent Definition check issue
Hi all. Cisco ISE Posture Windows Patch Management Definition update not working properly. Cisco ISE version 3.2 patch 5. Client Agent : Cisco Secure Client 5.1.2 42 Windows client 11 23H2 and Windows Update version is 1023.x. Comliance Module : ...
FMC Easier Way to create Access Control Rules with a CSV or Import?
Hello! Does anyone know if there's an easier way to configure and create rules that require manual entry in the FMC policy creation dashboard? We are working on a migration from the ASA which has over 300 rules and our company would also like to reca...
| User | Helpful Count |
|---|---|
| 52 | |
| 47 | |
| 37 | |
| 27 | |
| 25 |
