Im curious - on the ASA you have to have a service account created. Is there a reason you do not use a service account for this? I have watched the Cisco video as well and they did not use a service account. How does the FMC get access to the AD server without a service account?
Hi great video, I hope your still able to answer question. For Certificate section: CA1 the intermediate cert did u generate CSR using the internediate cert? Or the CSR was generated using CA 2?
Thanks for the question! Please take a look at the discussion here: cs.co/6058u1cGK and ask further question based on your scenario for quick peer support. Hope it helps!
Curious, can I generate a CSR on a Linux server, use that CSR with my CA to generate my certificate and import that into the FMC? I'm confused in the first part of this video where you obtained that ca1 certificate? Where did you generate this?
Hi, I want assign the static IP to anyconnect client . I am using FMC IPpool and on System(Laptop) I configured static IP on Mobility client interface but it did not work out. Any sugesstions?
Hello. In my scenario I have a private IP address on my FTD outside interface and route public address to it from our ISP. How can I run AnyConnect on my FTD with private IP address on Outside Interface?
When using FMC IP pool, I often receive the IP address when connecting to Anyconnect IP is not received when DHCP server is specified Enabled use of DHCP in Advanced tab Do you know what the reason is?
Hi i have pppoe connection for internet, and Cisco doesn't have dyndns site like fortigate fortiddns to map my dynamic ip with site, is there any way I can configure the remote access vpn?
Great video helped me a lot. Thank you. I have another question, how could I do the remote access of the VPN connectivity to the other 2 sites over the VPN tunnels? What do I need in order to do so? (NAT+ACP) both of them? Thank you very much.
So now we have to use GUI to type in CLI commands and pray that there will be no typo - to setup LDAP and attribute maps in particular. Do you realize how much your products have degraded over the years?
Incredibly detailed video. Thank you, this is exactly what we need to quickly deploy these. I hope more are coming - great work!
Didn't realize that the certs are essential before watching this video. Thanks much!
Im curious - on the ASA you have to have a service account created. Is there a reason you do not use a service account for this? I have watched the Cisco video as well and they did not use a service account. How does the FMC get access to the AD server without a service account?
Hi great video, I hope your still able to answer question. For Certificate section: CA1 the intermediate cert did u generate CSR using the internediate cert? Or the CSR was generated using CA 2?
Thanks for the question! Please take a look at the discussion here: cs.co/6058u1cGK and ask further question based on your scenario for quick peer support. Hope it helps!
Curious, can I generate a CSR on a Linux server, use that CSR with my CA to generate my certificate and import that into the FMC? I'm confused in the first part of this video where you obtained that ca1 certificate? Where did you generate this?
No because the FTD/FMC has no key import feature. The CSR must be generated on the FMC.
Is there any reason that you have the U-Turn/Hairpin rule @37:40 as Manual NAT instead of Auto NAT as per the AnyConnect Config Example?
HI, just curious why do you need the ACP policy you created LAN > VPN POOL, is this for a LAN host to access the VPN Clients?
Hi, I want assign the static IP to anyconnect client . I am using FMC IPpool and on System(Laptop) I configured static IP on Mobility client interface but it did not work out. Any sugesstions?
Hello. In my scenario I have a private IP address on my FTD outside interface and route public address to it from our ISP. How can I run AnyConnect on my FTD with private IP address on Outside Interface?
hi...
in case i need to remove map-value memberOf...do i need to apply via flexconfig ? by adding " no mam-value...."
When using FMC IP pool, I often receive the IP address when connecting to Anyconnect
IP is not received when DHCP server is specified
Enabled use of DHCP in Advanced tab
Do you know what the reason is?
Hi i have pppoe connection for internet, and Cisco doesn't have dyndns site like fortigate fortiddns to map my dynamic ip with site, is there any way I can configure the remote access vpn?
Great video helped me a lot. Thank you.
I have another question, how could I do the remote access of the VPN connectivity to the other 2 sites over the VPN tunnels?
What do I need in order to do so? (NAT+ACP) both of them?
Thank you very much.
Also your first policy allows all traffic anyany not a good example :)
sounds like this guys is whispering ...geezz
So now we have to use GUI to type in CLI commands and pray that there will be no typo - to setup LDAP and attribute maps in particular. Do you realize how much your products have degraded over the years?
Can you configure the AnyConnect VPN to do Local authentication without LDAP?