Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2138
Views
6
Helpful
4
Replies

How to Universal Switch Configurations for 16.X Code 3650/3850/9x00

Go to solution
Axxiom
Level 4
Level 4

‎01-22-2018 03:49 PM

I am currently looking for any guides that are updated with correct information for 16.6.X Code running on 3650/3850/9300/9400/9500 platforms.

  1. IP device tracking replacement for 16.X Code - SISF is the current replacement
  2. IBNS 2.0 Is required for 16.6.x Code and on – I would like an updated document for this for 9x00 platforms running 16.6.x code
  3. Interface configurations with the above changes applied for port configurations.
1 Accepted Solution

Accepted Solutions

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎01-23-2018 11:06 AM

Hi Chris43290, we are working on an updated design guide for the switch configurations.

You need device-tracking command under every single interface with 16.X code. This is as part of the SISF changes.

There's isn't any changes that we are aware of for IBNS 2.0. Here's the IBNS 2.0 guide for you:

How To: Universal 3850 Wired Class-based Policy Language (C3PL) Configuration for ISE

Hope this helps,

~Hari

View solution in original post

0 Helpful
4 Replies 4

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎01-23-2018 11:06 AM

Hi Chris43290, we are working on an updated design guide for the switch configurations.

You need device-tracking command under every single interface with 16.X code. This is as part of the SISF changes.

There's isn't any changes that we are aware of for IBNS 2.0. Here's the IBNS 2.0 guide for you:

How To: Universal 3850 Wired Class-based Policy Language (C3PL) Configuration for ISE

Hope this helps,

~Hari

0 Helpful

Go to solution
Arne Bier
VIP
VIP

‎04-26-2022 09:05 PM

Hi @hariholla - I am looking for a detailed Cisco IBNS 2.0 guide that explains the C3PL events and classes in more detail. I was unable to access the link from you last post in 2018.  Do you have any other resources you can share? Although I am quite familiar with the C3PL config and I have used it many times, I still feel like it deserved a state-machine type of diagram that shows the even driven nature of this technology. We are used to reading IOS configs from top to bottom and this can be misleading in the case of C3PL because events are asynchronous. 

I also wonder what the definition of a "failure" is when used in cases like 

class XYZ do-until-failure .... so "session started" can experience different types of failures, as opposed to say, event authentication failures. It might be obvious to Cisco, but it would make it easier if we had a listing of what "failures" this C3PL can handle in each event category.

I don't see much written about the event that handles violations (MAC address related).

 

 

Go to solution
George_Spl
Level 1
Level 1

‎04-03-2023 06:36 AM

Hello All,

How can I download the guide? 

How To: Universal 3850 Wired Class-based Policy Language (C3PL) Configuration for ISE

I get a message that I am not authorize to download.

Please help!

Thanks.

0 Helpful
Customers Also Viewed These Support Documents