Fnu Kanwaljeet Singh

Member Since: Jul 26, 2011

User Badges:
  • Cisco Employee,

English
Fnu Kanwaljeet Singh commented on ASA Service-Policy for FirePOWER inline mode in Intrusion Prevention Systems/IDS 3 weeks ago

Hi Grant, ciscoasa1(config)# service-policy global_policy ?configure mode commands/options:  global...

Fnu Kanwaljeet Singh commented on AnyConnect client on RDP client - profile question in VPN 1 month ago

Hi Craig, I do not think it is due to any security concerns but more of what customers needed by...

Fnu Kanwaljeet Singh commented on ACS 5.5 and Active directory monitoring in AAA, Identity and NAC 1 month ago

Hi, acs/admin# acs-configEscape character is CNTL/D.Username: ACS-GUI-USERNAMEPassword: ACS-GUI-...

Fnu Kanwaljeet Singh commented on Cannot SSH or console into ACS Appliance in AAA, Identity and NAC 1 month ago

Hi Colin, I am not sure why just stopping the server would do this. i have rebooted my server and i...

Fnu Kanwaljeet Singh commented on ACS 5.6.0.22 login incorrect on CLI (SSH) in AAA, Identity and NAC 1 month ago

Hi Mourad, You can simply boot your vm from the .iso image  and you will get the options there:...

Fnu Kanwaljeet Singh commented on Cannot SSH or console into ACS Appliance in AAA, Identity and NAC 1 month ago

Hi Colin, That is only for GUI. You cannot reset or change cli password from GUI. To double check...

Fnu Kanwaljeet Singh commented on Cannot SSH or console into ACS Appliance in AAA, Identity and NAC 1 month ago

Hi Colin, If you cannot SSH into the device, then unfortunately you would need to do password...

Fnu Kanwaljeet Singh commented on VPN between ASA and Router in Firewalling 3 months ago

Hi MM, It all depends what is your requirement. Do you want traffic between ASA and your LAN router...

Fnu Kanwaljeet Singh commented on ACS 5.5 and Certificate Validation Error: Certificate binding failed. No matching signing request found. in AAA, Identity and NAC 6 months ago

Hi Filip, So you go to "outstanding signing requests" and you see the same CSR, and then when you...

Fnu Kanwaljeet Singh commented on ACS 5.5 and Certificate Validation Error: Certificate binding failed. No matching signing request found. in AAA, Identity and NAC 6 months ago

Hi Filip, You are welcome! So when you check certificate (identity) as well as the CSR in the link...

Fnu Kanwaljeet Singh commented on Cisco ISE Hybrid Distributed Node Deployment in AAA, Identity and NAC 6 months ago

Hi Edward, You would be interested in this document below: https://communities.cisco.com/docs/DOC-...

Fnu Kanwaljeet Singh commented on ACS 5.5 and Certificate Validation Error: Certificate binding failed. No matching signing request found. in AAA, Identity and NAC 6 months ago

Hi Filip, When you say you have checked the validity of cert, how did you check it? You can check...

Fnu Kanwaljeet Singh commented on Unable to restore ACS server in AAA, Identity and NAC 6 months ago

Hi CF, Yes, you can add another repository. Regards, Kanwal Note: Please mark answers if they are...

Fnu Kanwaljeet Singh commented on Help with Cisco ASA 5510 configuration cli in Firewalling 6 months ago

yes 10.1.1.6 would be the inside. But you need dynamic so that all your ip's can nat to same...

Fnu Kanwaljeet Singh commented on Help with Cisco ASA 5510 configuration cli in Firewalling 6 months ago

Hi, You will have to first define object and then do: nat (inside,outside) source dynamic interface...

Fnu Kanwaljeet Singh commented on Help with Cisco ASA 5510 configuration cli in Firewalling 6 months ago

Hi, You would need to NAT the traffic to our ISP assigned IP on outside interface to access...

Fnu Kanwaljeet Singh commented on Feature request for firepower services in Firewalling 6 months ago

Hi Yogesh, You would need to raise a TAC case or let your account team know and they can raise one...

Fnu Kanwaljeet Singh commented on Help with Cisco ASA 5510 configuration cli in Firewalling 6 months ago

Hi, Are you able to ping the inside interface? If yes,configure ssh on it. You would need to...

Fnu Kanwaljeet Singh commented on Unable to restore ACS server in AAA, Identity and NAC 6 months ago

Hi CF, Apologies. I didn't notice that you were not prompted for it. But i quickly tested it in...

Fnu Kanwaljeet Singh commented on Unable to restore ACS server in AAA, Identity and NAC 6 months ago

Hi CF, Are you sure you are using the same key for decryption which you had used while taking the...

Fnu Kanwaljeet Singh commented on New 5525ASA in my network rack but can not login to web interface in Firewalling 6 months ago

Hi, There is no WEB access. You have telnet, ssh and ASDM. Please look at below discussions on how...

Fnu Kanwaljeet Singh commented on ASDM in Firewalling 6 months ago

Hi, If you have a valid account then i would check with your account team and get your account...

Fnu Kanwaljeet Singh commented on How to disable following ASA message? <162>%ASA-2-106016: Deny IP spoof from ($wan_primary) to $wan_secondary on interface wan in Firewalling 6 months ago

Hi, You can disable that particular message by: (config)# no logging message 106016 Hope this helps...

Fnu Kanwaljeet Singh commented on Ise and failed authentications conducted by endpoints in AAA, Identity and NAC 6 months ago

Hi Antonio, 5434 Endpoint conducted several failed authentications of the same scenario: The...

Fnu Kanwaljeet Singh commented on Endpoint session on Cisco ISE 2.1 in AAA, Identity and NAC 6 months ago

Hi Antonio, Terminated sessions are cleaned 15 minutes after termination. If there is...

Fnu Kanwaljeet Singh commented on ASA not Allow Jabber for communication in Firewalling 6 months ago

Hi Mohamed, Why do you think it is a firewall issue? Do you see relevant traffic getting dropped by...

Fnu Kanwaljeet Singh commented on Need help with port forwarding in Firewalling 6 months ago

Hi Nader, Why is your nat rule (inside, inside). Shouldn't it be nat (inside,outside)? Regards,...

Fnu Kanwaljeet Singh commented on ASA - Access List Configuration in Firewalling 6 months ago

Hi, Once you have defined the protocol-type in the object, you do not need to define it again. Try...

Fnu Kanwaljeet Singh commented on Object Group from DNS query in Firewalling 6 months ago

Hi Neil, It works fine for me. ciscoasa(config)# object network AV-UPDATESciscoasa(config-network-...

Fnu Kanwaljeet Singh commented on Configuring authentication with two different (non-redundant) authentication servers in AAA, Identity and NAC 6 months ago

Hi, You will have to tweak the configuration for remote users. You can create another tunnel-group...

Fnu Kanwaljeet Singh commented on Object Group from DNS query in Firewalling 6 months ago

Hi Neil, Yes, you can. Please go through the below link for details: https://supportforums.cisco....

Fnu Kanwaljeet Singh commented on Dynamic VLAN Assignment via RADIUS for WLAN users on ACS 5.8 in AAA, Identity and NAC 6 months ago

Hi John, Looking at logs would be helpful. I just sent you a message. Let me know if you received...

Fnu Kanwaljeet Singh commented on Capture on CLI with 'match' keyword not working in Firewalling 6 months ago

Hi Patrick, Looks like you are running into the below issue: CSCts55011: ASA match parameter in...

Fnu Kanwaljeet Singh commented on Dynamic VLAN Assignment via RADIUS for WLAN users on ACS 5.8 in AAA, Identity and NAC 6 months ago

Hi John, If correct policy is getting matched and user is assigned the profile you configured, then...

Fnu Kanwaljeet Singh commented on Dynamic VLAN Assignment via RADIUS for WLAN users on ACS 5.8 in AAA, Identity and NAC 6 months ago

Hi John, One more thing- I am sure you have already looked at it but just mentioning it. From the...

Fnu Kanwaljeet Singh commented on Dynamic VLAN Assignment via RADIUS for WLAN users on ACS 5.8 in AAA, Identity and NAC 6 months ago

Hi John, Looks good. Policy Elements >Authorization and Permissions  > Network Access >...

Fnu Kanwaljeet Singh commented on Enable ip-options on Cisco ASA 8.2 in Firewalling 6 months ago

Hi, I am glad i could help and you are welcome! Regards, Kanwal Note: Please mark answers if they...

Fnu Kanwaljeet Singh commented on Enable ip-options on Cisco ASA 8.2 in Firewalling 6 months ago

Hi, The command was introduced in 8.2(2). You would need to upgrade to get that command option....

Fnu Kanwaljeet Singh commented on Enable ip-options on Cisco ASA 8.2 in Firewalling 6 months ago

Hi, Which version of ASA are you running? i do see in my lab FW that option is there. But mine is...

Fnu Kanwaljeet Singh commented on Dynamic VLAN Assignment via RADIUS for WLAN users on ACS 5.8 in AAA, Identity and NAC 6 months ago

Hi John, You would need to create the profile under: Policy Elements > Authorization and...

Fnu Kanwaljeet Singh commented on Replacing a Cisco ACE module in Application Networking 6 months ago

Hi CF:) Yes, the replication process will create the non-admin contexts too and replicate the...

Fnu Kanwaljeet Singh commented on ASA 5520 - Upgrade OS in Firewalling 6 months ago

Hi, You can go to 9.1 which is the latest and last image available for 5520. https://software.cisco...

Fnu Kanwaljeet Singh commented on ASA IKE/IPSEC Proposal in VPN 6 months ago

Hi Mike, When IKE negotiations begin, the peer that initiates the negotiation sends all of its...

Fnu Kanwaljeet Singh commented on ASA IKE/IPSEC Proposal in VPN 6 months ago

Hi Mike, You don't need to. It will automatically select from the list the one which matches with...

Fnu Kanwaljeet Singh commented on ACS 5.8.x: Is it possible to filter reporting/remote syslog for a particular TACACS user? in AAA, Identity and NAC 6 months ago

Hi Nadav, Unfortunately, i do not see a way to stop ACS from sending the syslog for specific user...

Fnu Kanwaljeet Singh commented on How can I TFTP a running config over to an offline CSS11503 in Application Networking 6 months ago

Hi Damon, You can use management interface to do the same. Pasting link for your reference. http://...

Fnu Kanwaljeet Singh commented on ASA IKE/IPSEC Proposal in VPN 6 months ago

Hi Mike, They are set of standard proposals pre-configured. You can create another one if you think...

Fnu Kanwaljeet Singh commented on Anyconnect Remediation in AAA, Identity and NAC 6 months ago

Hi Nikhil, It will trigger the endpoint to update the anti-virus/sscm. You should have the IP...

Fnu Kanwaljeet Singh commented on ACS 5.8.x: Is it possible to filter reporting/remote syslog for a particular TACACS user? in AAA, Identity and NAC 6 months ago

Hi Nadav, I do see such an option in ACS. However the opposite of what you want is available. If...

Fnu Kanwaljeet Singh commented on Anyconnect ISE Posturing with Split Tunnelling in AAA, Identity and NAC 6 months ago

Hi Chevy, Yes, it should work with split tunneling. The ISE posture module uses several methods to...

Bio

User Badges:
  • Badge.
    Cisco Employee

Fnu Kanwaljeet Singh's Stats

Points1423
Discussion started 0
Answers marked as Correct 204
Endorsed 4
Content Rated 24