Recently I setup a PoC for remote users with Anyconnect client and OpenDNS. The idea is to control DNS queries on split tunnel RA VPN connection based on organization’s acceptable use policies and to protect from malicious threats on the Internet. I went with OpenDNS Virtual Appliance deployment option to …
Tag: Troubleshooting
When you first start working with Cisco Firepower Management Console you may be overwhelmed because of so many screens, graphs, tables, and tabs. Today I came across one simple task where the site was blocked with HTTP response page, but website category was allowed. With one block page for all, …
Recently due to several issues I had with Sourcefire 6.0 code, I went through downgrade exercise taking it back down to version 5.4. With Sourcefire, there is no simple way to roll back from one version to another. Configuration backup helps with Defense Center however Sensors can not be rolled back to the previous …
Cisco ISE has huge reporting section but only a few of the reports are useful to me. So the need came up for a flexible searching and reporting tool. Splunk seemed to be a great candidate especially since it has all the plugins available and Cisco Security Suite App adds …
Recently I’ve discovered that Apple i-Devices (iPhone’s and iPad’s particularly) will not work well when provisioned for EAP-TLS with Single broadcasted SSID. In my case device would successfully complete provisioning for certificate based authentication but re-authenticate again as PEAP. One of the workarounds was to forget SSID after provisioning and …