After deploying Remote Access VPN settings I’ve updated the default domain field under the Group Policy (GP) but got a deployment error. Lina messages ErrorCode: CFG-IN-PROGRESS Severity: error Description: com.cisco.ngfw.messages.DescriptionType@8b7c834 FMC >> clear configuration session OBJECT I was able to update the domain with some random name but not the …
Tag: Troubleshooting
I knew there were bugs related to External Radius Servers in ISE 2.7 but did not think it was that tricky. I had two policies in my policy set. One for testing and one for production. Radius Sequence was working fine on the testing policy so I’ve added it to …
Came across this issue when an un-answered DUO push takes down AAA servers on ASA into a failed state essentially preventing everyone from VPNing in. Design was similar to this post. In short un-answered DUO push on DUO proxy would cause ISE “Radius request dropped” log message due to “11353 …
Mail queue started filling up on one of the Ironports after this alert. The url_rep_client was restarted due to an error. Looking at the logs I see this error. grep “unable to” mail_logs -t ACCEPT SG None match sbrs[none] SBRS unable to retrieve country unable to retrieve DNS checked out …
After IOS XE switch upgrade from 3.6.x to 16.9.x I lost port-channel configuration. While trying to apply it back on to the interface I got this error Command rejected: conflicts with IPv6 Snooping (FHS). This can be a potentially dangerous situation if the upgrade was done on the remote switch …