Incredibly detailed video. Thank you, this is exactly what we need to quickly deploy these. I hope more are coming - great work!
@ShubhamYadav-yw4iy2 жыл бұрын
Didn't realize that the certs are essential before watching this video. Thanks much!
@Sedh8919 Жыл бұрын
Hi great video, I hope your still able to answer question. For Certificate section: CA1 the intermediate cert did u generate CSR using the internediate cert? Or the CSR was generated using CA 2?
@CiscoCommunity Жыл бұрын
Thanks for the question! Please take a look at the discussion here: cs.co/6058u1cGK and ask further question based on your scenario for quick peer support. Hope it helps!
@bigmacdoubleyouv4 жыл бұрын
Im curious - on the ASA you have to have a service account created. Is there a reason you do not use a service account for this? I have watched the Cisco video as well and they did not use a service account. How does the FMC get access to the AD server without a service account?
@cjbidwell3 жыл бұрын
Curious, can I generate a CSR on a Linux server, use that CSR with my CA to generate my certificate and import that into the FMC? I'm confused in the first part of this video where you obtained that ca1 certificate? Where did you generate this?
@billibarou3 жыл бұрын
No because the FTD/FMC has no key import feature. The CSR must be generated on the FMC.
@Bormanb233 жыл бұрын
HI, just curious why do you need the ACP policy you created LAN > VPN POOL, is this for a LAN host to access the VPN Clients?
@overproof14602 жыл бұрын
Is there any reason that you have the U-Turn/Hairpin rule @37:40 as Manual NAT instead of Auto NAT as per the AnyConnect Config Example?
@naturepeace3653 жыл бұрын
Hi, I want assign the static IP to anyconnect client . I am using FMC IPpool and on System(Laptop) I configured static IP on Mobility client interface but it did not work out. Any sugesstions?
@yassinalizadeh55613 жыл бұрын
Hello. In my scenario I have a private IP address on my FTD outside interface and route public address to it from our ISP. How can I run AnyConnect on my FTD with private IP address on Outside Interface?
@youngjinyu63204 жыл бұрын
When using FMC IP pool, I often receive the IP address when connecting to Anyconnect IP is not received when DHCP server is specified Enabled use of DHCP in Advanced tab Do you know what the reason is?
@boyahugahugawekwek28473 жыл бұрын
hi... in case i need to remove map-value memberOf...do i need to apply via flexconfig ? by adding " no mam-value...."
@geraldstefan29523 жыл бұрын
Great video helped me a lot. Thank you. I have another question, how could I do the remote access of the VPN connectivity to the other 2 sites over the VPN tunnels? What do I need in order to do so? (NAT+ACP) both of them? Thank you very much.
@networkguru67123 жыл бұрын
Hi i have pppoe connection for internet, and Cisco doesn't have dyndns site like fortigate fortiddns to map my dynamic ip with site, is there any way I can configure the remote access vpn?
@Bormanb233 жыл бұрын
Also your first policy allows all traffic anyany not a good example :)
@mtownpyro71983 жыл бұрын
sounds like this guys is whispering ...geezz
@didco Жыл бұрын
So now we have to use GUI to type in CLI commands and pray that there will be no typo - to setup LDAP and attribute maps in particular. Do you realize how much your products have degraded over the years?
@kronos15053 жыл бұрын
Can you configure the AnyConnect VPN to do Local authentication without LDAP?