Scribd Logo
Upload

Welcome to Scribd!

  • Umbrella Issue

    Uploaded by

    Kupovits Attila
    105 views10 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    105 views10 pages

    Umbrella Issue

    Uploaded by

    Kupovits Attila

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Pre-requisites

     CiscoAnyconnect v4.8.0306 or above with Roaming security installed as shown in Step 1


     Cognizant VPN gateway and profile details (if information is not available, check with team lead)
     Access to Cognizant VPN (if access is currently not available, check with team lead)
     Proxy configuration after connecting to Cognizant VPN (check with team members/lead)

    Step 1 – Check Cisco Umbrella is installed

    Ensure that there is a module in Cisco Anyconnect that states “Roaming Security” as can be seen in the
    image below. If it is not present, reach out to EDP/IRM team to get it installed. Post installation, proceed
    with the remainder of the document.

    Step 2 – Ensure Umbrella profile is present

    In case you observe the below error, it means that profile has not been added or deleted.

    OrgInfo.json

    Double-click and open “OrgInfo.json” file. Click “save as” and save the file to Desktop (with the same
    name). Copy the file to “C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Umbrella\”
    folder.
    If you do not have permissions to paste it, raise a GSD request to the following CTI.

    Category: Cisco Umbrella


    Type: Agent
    Item: Issue with Agent
    Sub-Item: Profile Missing
    Group: GSD

    Step 3 – CTS_AlwaysON should not be present

    Open command prompt and execute the below command without quotes.

    “ncpa.cpl”

    Under Network connection check if there is a network connection named “CTS_AlwaysON”. If it is


    present (irrespective of whether it is active as shown below or greyed out), Umbrella will not function as
    expected. This is a known issue and IT team is working to remove it. You can inform the same to
    EDP/IRM team and do not have to proceed further. No need to raise GSD as well.

    Step 4 – Check if Umbrella certificate is installed

    Open Internet Explorer

    Click on “Settings” and select “Internet Options”

    Navigate to the “Content” tab and select “Certificates”


    Ensure Cisco Umbrella Root CA is installed by navigating to “Trusted Root Certificate Authorities” Tab

    If certificate is not present, follow the below steps to install it manually.

    Download the attached zip file and extract it.

    Cisco_Umbrella_Ro
    ot_CA.zip

    Double click and open the file. Click “Install Certificate”.


    Choose “Current User” and click “Next”.

    Choose “Place all certificates in the following store” and select “Browse”
    Select “Trusted Root Certification Authorities” and click “OK”.

    Click Next. In the next page click “Finish”


    Note - If there is a warning message, accept it and install the certificate.

    Once imported, the following pop-up will be displayed.

    Step 5 - Disconnect from Cognizant VPN

    Umbrella gets disabled in the background while connected to Cognizant VPN. Hence if you’re connected
    to VPN, ensure you disconnect from it.

    Step 6 - Check if Umbrella is functioning as expected


    Open command prompt and execute the command “ipconfig /flushdns” without quotes

    Open browser and enter the URL – welcome.umbrella.com

    The following result should be displayed.


    If there is a red colored warning that Umbrella is not working as expected, restart the system once. If
    issue persists, join the RRT bridge at the allotted time window to resolve the issue.

    Step 7 – Check if malicious sites are being blocked by Umbrella

    Open browser and enter the URL – internetbadguys.com and examplemalwaredomain.com

    The following result should be displayed. If such sites are accessible, join the RRT bridge at the allotted
    time window.
    Step 8 – Check if non-cognizant sites are blocked by Umbrella

    For Protocol A projects, all non-cognizant sites will be blocked by default. Only Cognizant sites and URLs
    approved for whitelisting will be accessible. Open browser and enter the URL – google.com or
    linkedin.com

    The following result should be displayed. If such sites are accessible, join the RRT bridge at the allotted
    time window.

    Step 9 - Cognizant sites are accessible

    Open browser and enter the URL – onecognizant.cognizant.com or office.com

    The sites should be accessible.


    Step 10 – Connect to Cognizant VPN

    Once the above tests have been verified, connect to Cognizant VPN. If unable to connect VPN due to any
    reason, reach out to GSD support.

    Once connected, wait for 30 seconds. Click on settings icon in the bottom left and select Roaming
    Security.

    Umbrella will be disabled once connected to VPN. If it still displays as “Protected”, join the RRT bridge in
    the allotted time-window.

    Step 11 - Check business URLs are accessible

    Configure Proxy Setting (if required):

    <<TEAM/PROJECT LEAD TO ADD THE APPROPRIATE PROXY SETTINGS HERE>>

    Check if all BAU related sites and customer VDI are accessible.

    <<TEAM/PROJECT LEAD TO ADD THE URLs TO BE TESTED>>

    If there are any issues with connecting to business URLs post connecting to Cognizant VPN (and
    Umbrella status is disabled as shown in the above picture) kindly raise a GSD request.

    You might also like