Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more

Security

Explore the security forums and share your expertise about firewalls, email and web security, Identity Service Engine, VPN, AnyConnect and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Browse the Community

Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace

31788 Posts

Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.

70373 Posts

Duo Security

Get started with or get better at administering and using Duo by interacting with peers and experts!

3199 Posts

Activity in Security

Start a conversation

ISE BYOD machine authentication 3.1.0.x

Hello Guys, I need help to validate whether my understanding is correct.I'm new to ISE, I know some rules but I can't progress with my client's problem.1 - He has an AD, but there is no GPO policy for Wireless.2 - There is a rule in ISe that first va...

jardelalmeida_0-1714218563836.png

Iperf test through ASA

Hello Folks, I have a pair of ASA5516 with HA mode, ISP provides a high-speed WAN 500Mbps up/download, while doing some speed tests recently we noticed that all our tests from the inside network are not bypassing 100mbps, I checked all inside/outside...

AirSail by Level 1
  • 47 Views
  • 1 replies
  • 0 Helpful votes

Port security

Dears our CTO wants the whole company mac address to be added in a port security so that nobody outside the company can access our network, is there any alternative solution for adding all the mac addresses manually.

Resolved! ASA 5516 upgrade to 9,16

Hello ASA Gurus, I have an ASA 5516 running 9.9 and I m planning to upgrade to 9.16 (the latest supported version)This ASA is used as a main VPN concentrator,S2S VPNs are kind of mix, Ikev1 with old encryption ciphers, and others with Ikev2 with stro...

AirSail by Level 1
  • 552 Views
  • 7 replies
  • 0 Helpful votes

Heads Up: ArcaneDoor - trojans running on ASA/FTD became reality

https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/We have not determined the initial access vector used in this campaign. We have not identified evidence of pre-authentication explo...

tvotna by Spotlight
  • 82 Views
  • 0 replies
  • 0 Helpful votes

ikev2 VPN tunnel trouble shooting help

Howdy Cisco Community!Need your help as fairly new trouble shooting site to site VPN connectivity.I am unable to establish VPN connectivity per information below.Site:1crypto ipsec ikev2 ipsec-proposal CSM_IP_1protocol esp encryption aes-256protocol ...

Makoon by Level 1
  • 307 Views
  • 13 replies
  • 0 Helpful votes

Updated to Ubuntu 24.04. I am not able to use Secure-VPN anymore

Hi, as the title says, I am unable to connect to my Cisco Secure VPN after updating my OS from Ubuntu 22.02 to 24.04. The error I receive is"You are missing the required libraries for the authentication method you requested."Upon closer inspection, t...

rorororo by Level 1
  • 123 Views
  • 1 replies
  • 0 Helpful votes

Web Application Server

Dear Community,I'm asking for you guidance. I have come across a challenge on Cisco ASA version 9.8. Need to allow a web server to be access outside(Public) from DMZ Zone to Ouside Zone.  Per below configuration template. Nat is transilating but acce...

dissai by Level 1
  • 402 Views
  • 16 replies
  • 0 Helpful votes

VPN route-based unable to ping remote IP

Hi, I am currently encountering issue on route-based ipsec vpn. I cannot ping my remote IP also the remote tunnel. I have verified that there is no decap showing on packets. I already configured static route between each site and still unsucessful of...

FTD Software Upgrade - 7.0.4

Hi all,Looking to upgrade our 2110 FTD from 7.0.4 to 7.0.6.2.Do I need upgrade to 7.0.6 first and then to 7.0.6.2?I noticed the software download for both 7.0.6 and 7.0.6.2 were about the same size.However the FMCv 7.0.6.2 was half the size of 7.0.6.

How to configure a user for SNMP configuration on ESA ?

I want to monitory ESA devices on Zabbix. So I've configured snmp on ESA with snmpconfig command but Zabbix need a userID define so that it can pull all data not only icmp(ping). And there is no UserID settings defined/request during snmpconfig comma...

Givara B by Level 1
  • 744 Views
  • 1 replies
  • 0 Helpful votes

S2S VPN Cisco FTD (Managed by FMC) <=> Fortigate

Hi AllI have a S2S VPN connected at phase 1, however doesn't successfully negotiate Phase 2. The issue I have is that my Cisco FTD sits behind a NAT device. I have configured NAT-T.My configuration on my FTD has the local peer configured with the pri...

Max number of licenses available for Cisco ISE

I'm speaking of Essentials/Advantage/Premier. We use on-prem SSM.is there way to know how many licenses Cisco ISE gets from the binding to a virtual account on Cisco SSM?The only piece of information is the consumed ones, like knowing how many you ar...

anyconnect uninstall not removing everything

hey when I uninstall anyconenct and reinstall it all the old information is stillt here :/ how can I fix this? my guess is it is something int he registry but where exactly? I have looked but cant find it!

Load more
View All