Fnu Kanwaljeet Singh

Member Since: Jul 26, 2011

English
Fnu Kanwaljeet Singh commented on Authentication devices with Windows Radius Server in AAA, Identity and NAC 4 months ago

Hi Francisco, Can you please replace 'default group radius' with "default group SWITCH" and try...

Fnu Kanwaljeet Singh commented on Cisco Secure ACS reports in AAA, Identity and NAC 4 months ago

Hi Steve, Monitoring & Reports > Reports > Catalog > report_type, where ...

Fnu Kanwaljeet Singh commented on Cisco ACE - need to learn in Application Networking 4 months ago

Hi Datta, I would suggest to start from here for basic TS and reference user guide for detailed...

Fnu Kanwaljeet Singh commented on [SOLVED] ASA 5505 - Inside hosts; no internet in Firewalling 4 months ago

Hi Rick, If you run packet tracer, what do you get? What did you see in logs during the problem? Is...

Fnu Kanwaljeet Singh commented on privilege level commands in AAA, Identity and NAC 4 months ago

Hi Sachin, For ASA you can do below to know the privilege level: The following commands let you...

Fnu Kanwaljeet Singh commented on ACS 5.x Backup startup configuration in AAA, Identity and NAC 4 months ago

Hi Julian, You need to do acs configuration back up only in this case. Please follow the below link...

Fnu Kanwaljeet Singh commented on Unable to access ASA 5508-X per Quick Start Guide in Firewalling 4 months ago

Hi Phillip, From  the error message it seems to be ssl version or cipher mismatch issue. Please put...

Fnu Kanwaljeet Singh commented on Ipsec Remote Access VPN traffic Throttling/Policing in VPN 4 months ago

Hi Amjad, Per user BW limit is not there but i think you would be interested in below: https://...

Fnu Kanwaljeet Singh commented on AnnyConnect VPN in VPN 4 months ago

Hi Mohammed, I am not sure how the interface would differ across codes but you definitely would...

Fnu Kanwaljeet Singh commented on ALLOW SPECIFIC PORTS FOR OUTGOING TRAFFIC THORUGH CISCO ASA 5505 AND BLOCK ALL OTHERS in Firewalling 4 months ago

Hi Kaushal, Thank you for the details. Can you take pcaps on ingress and egress interface and see...

Fnu Kanwaljeet Singh commented on ALLOW SPECIFIC PORTS FOR OUTGOING TRAFFIC THORUGH CISCO ASA 5505 AND BLOCK ALL OTHERS in Firewalling 4 months ago

Hi Kaushal, I don't see any hits on the rule. It seems traffic is not even hitting these rules. Can...

Fnu Kanwaljeet Singh commented on NAT Problem in Firewalling 4 months ago

Hi Marcio, Thank you for the configuration. Please tell me which NAT rule stops working? Also, is...

Fnu Kanwaljeet Singh commented on NAT Problem in Firewalling 4 months ago

Hi Marcio, Thank you for your reply. Are you able to ping the default gateway during the problem i....

Fnu Kanwaljeet Singh commented on NAT Problem in Firewalling 4 months ago

Hi Marcio, Any logs during the problem? Do you notice all users getting affected or only few users...

Fnu Kanwaljeet Singh commented on Cisco ISE authentication process in Security Management 4 months ago

Hi Hennie, Could you please elaborate a bit more on the exact nature of the issue you are facing?...

Fnu Kanwaljeet Singh commented on Authentication devices with Windows Radius Server in AAA, Identity and NAC 4 months ago

Hi Francisco, For configuring windows radius server please see if they below link helps: http://www...

Fnu Kanwaljeet Singh commented on Easy VPN server Anyconnect compatibility in VPN 4 months ago

Hi, AnyConnect client can be used to connect both SSL VPN as well as IKEv2 IPSec VPN. I am pasting...

Fnu Kanwaljeet Singh commented on AnnyConnect VPN in VPN 4 months ago

Hi Mohammed, Please have a look at the below link: https://supportforums.cisco.com/blog/152941/...

Fnu Kanwaljeet Singh commented on Site to Site vpn in VPN 4 months ago

Hi, What are the VPN endpoints involved here? Regards, Kanwal Note: Please mark answers if they are...

Fnu Kanwaljeet Singh commented on Cisco ASA 5520 in Firewalling 4 months ago

Hi, For ASA 5520, 9.1.6 is the latest release. Since you are currently on 8.0, you can upgrade to 8...

Fnu Kanwaljeet Singh commented on what includes ip service in Firewalling 6 months ago

Hi Jeff, IP should include TCP, UDP OR ICMP in this case but not everything is allowed  or will...

Fnu Kanwaljeet Singh commented on Traffic hitting the secondary ACE in Application Networking 8 months ago

Hi CF, These are the connections that are synched between the two LB's for seamless failover....

Fnu Kanwaljeet Singh commented on ACE doesn't send login request to TACACS+ on ACS unless user is configured locally in Application Networking 8 months ago

Hi Tadeo, It seems it is necessary but i don't have an explanation for the same. Similar post below...

Fnu Kanwaljeet Singh commented on ACE Application issue in Application Networking 8 months ago

Hi Theo, Your configuration looks fine. You can change the netmask for nat pool to 255.255.255.255...

Fnu Kanwaljeet Singh commented on ACE: Bypass ACE Proxy function in Application Networking 8 months ago

Hi Jose, If DB servers are not being loadbalanced by ACE, then ACE should just pass through the...

Fnu Kanwaljeet Singh commented on ACE cookie sticky HTTP v HTTPS in Application Networking 8 months ago

Hi Richard, Are you doing SSL offloading on ACE? If not, then ACE has no means to look into the...

Fnu Kanwaljeet Singh commented on ACS v5.4 is authenticating users outside of our selected directory groups in AAA, Identity and NAC 11 months ago

Hi Logan,When you see the successful log for authentication and authorization, do you see the rule...

Fnu Kanwaljeet Singh commented on ACE generating 302's upon exceeding license? in Application Networking 11 months ago

Hi,If BW/connection box wide/context wide usage is more than allocated, then traffic would be...

Fnu Kanwaljeet Singh commented on CSCup37416 - Stale VPN Context entries cause ASA to stop encrypting traffic in VPN 12 months ago

Hi Praveen,Developers are working on it and there is no permanent fix yet. But you can try below...

Fnu Kanwaljeet Singh commented on 4G lte module for ASA ? in Firewalling 12 months ago

Hi Kjetil,There is no 4G LTE module for ASA. The only modules for ASA series are below:Cisco ASA...

Fnu Kanwaljeet Singh commented on HTTPS probe fails on ACE30; Conn reset by server; Handshake Fail in Application Networking 12 months ago

Hi,From your explanation it seems that ACE is not liking the server hello. Can you send us the pcap...

Fnu Kanwaljeet Singh commented on acs secondary not authenticating in AAA, Identity and NAC 12 months ago

Hi,If you point the user working on primary to secondary, does the same user face the same issue or...

Fnu Kanwaljeet Singh commented on ACS 5.7 - Compatibility with the Latest Internet Browsers in AAA, Identity and NAC 12 months ago

Hi David,I would suggest raising this issue to your account team so that this can be brought in...

Fnu Kanwaljeet Singh commented on cisco ace bridge mode in Application Networking 12 months ago

Hi,I am not sure i get the question. But you put ACE in existing L2 path and create another vlan on...

Fnu Kanwaljeet Singh commented on Classmap match http url. How to deny some urls in ACE in Application Networking 12 months ago

Hi Thomas,Create two class-maps of type http. Put the first 3 statements in class-map 1 and other...

Fnu Kanwaljeet Singh commented on cisco ace bridge mode in Application Networking 1 year ago

Hi,-=Routed Mode=--VLANs can be shared between contexts.-Servers behind ACE use ACE as a gateway. ...

Fnu Kanwaljeet Singh commented on Real server to respond for client ICMP request. in Application Networking 1 year ago

Hi Bala,I assume you are pinging the real server IP, for that you can create a route which bypasses...

Fnu Kanwaljeet Singh commented on Cisco ISE support for TLS 1.2? in AAA, Identity and NAC 1 year ago

Hi David,It is in road map for ISE 2.0 which should be released soon. I would wait for ISE 2.0 to...

Fnu Kanwaljeet Singh commented on Cisco ACE 4710 configuration help in Application Networking 1 year ago

Hi Kamal,1) Are your servers listening for HTTPS? If yes, then it should work fine. You are...

Fnu Kanwaljeet Singh commented on Using ACE4710 to redirect DNS requests to redundant data center in Application Networking 1 year ago

Hi Lucas, Yes, that is what you need but with GSS EOL and EOS, you should be looking for similar...

Fnu Kanwaljeet Singh commented on GRE OVER IPSEC in VPN 1 year ago

Hi Arshad,Could you please share the outputs and configurations done?Regards,KanwalNote: Please...

Fnu Kanwaljeet Singh commented on ASA5506 Anyconnect Essentials in Firewalling 1 year ago

Hi,Please look at ASA 5506-X license features for details:http://www.cisco.com/c/en/us/td/docs/...

Fnu Kanwaljeet Singh commented on cisco ise 1.3 - how authenticate a nad to a network in AAA, Identity and NAC 1 year ago

Hi Nicoles, NAD is like a switch, wlc, routers and you add them in ISE/ACS and authenticate them...

Fnu Kanwaljeet Singh commented on Error starting Internal CA on ISE 1.3 Patch 4 in AAA, Identity and NAC 1 year ago

Hi Scott, I see a similar issue being reported after an internal search and a DDTS was opened:...

Fnu Kanwaljeet Singh commented on Cisco ACS 5.3 on SNS-3415-K9 in AAA, Identity and NAC 1 year ago

Hi Mario, It says "Unsupported hardware". ACS 5.3 would install on 1121 HW and not on SNS 3415. You...

Fnu Kanwaljeet Singh commented on Unable to execute Cisco ACS Patch 5-7-0-15-1.tar.gpg in AAA, Identity and NAC 1 year ago

Hi Doug,Can you share the procedure you followed?Regards,KanwalNote: Please mark answers if they...

Fnu Kanwaljeet Singh commented on Site-to-site IPsec VPN on ASA 9.x Multiple Context in Firewalling 1 year ago

Hi John,Admin context is like any other context and can be used as a regular context. So yes above...

Fnu Kanwaljeet Singh commented on recommended IOS version of Catalyst 3850 ? in AAA, Identity and NAC 1 year ago

Hi Antonio, You can go to below link and download the latest one for upgrade. Please ensure that...

Fnu Kanwaljeet Singh commented on Using ACE4710 to redirect DNS requests to redundant data center in Application Networking 1 year ago

Hi Lucas,Yes ACE can do load balancing. But cannot answer DNS requests. If you want the ACE to...

Fnu Kanwaljeet Singh commented on UPGRADING CISCO ACE 4710 TO SUPPORT TLS 1.1 & 1.2 in Application Networking 1 year ago

Hi Usman,First of all it is strongly recommended to do upgrade in a MW. You can follow the below...

Bio












Fnu Kanwaljeet Singh's Stats

Points1296
Discussion started 0
Answers marked as Correct 194
Endorsed 3
Content Rated 24