ISE 2.4 Posture using SNMP COA with extreme switches
This document describes the posture configuration with 3rd party switches (Extreme switch ).
Cisco recommends that you have knowledge of these topics:
• Basic knowledge of SNMP Protocol
• Prior knowledge of regular expressions
• Prior knowledge of Cisco Identity Service Engine (ISE)
• Identity Service Engine 2.4.
• Anyconnect 4.5.03040.
• SNMP Supported Switches
• Extreme Switch.
The information in this document is based on ISE Version 2.4 & extreme switch X440-48p version 16.2.
The information in this document was created from the devices in a specific lab environment. All of the devices
used in this document started with a cleared (default) configuration. If your network is live, ensure that you
understand the potential impact of any command.
Two new feature had been used to get the posture work with extreme switches :
1. Call home list in ISE 2.2 and later :
Extremes switches don't support the URL redirection , so we used this feature to allow AC posture to discover
the PSN and to make a connection with it.
2. SNMP COA separate request in ISE 2.4 :
this feature has been developed in ISE version 2.4 to fix BUG CSCvd06733.
current SNMP CoA sends both values (disable/enable) in same request. The Extreme switch can not perform this request. it requests each value in different request, and this feature fix the compatibility issue with extreme switches.
Step.1 AAA & Dot1X configuration:
- configure radius netlogin primary server (PSN IP address) 1812 client-ip (Switch IP address) vr VR-Default
Have been reading through release notes and upgrade paths for Firepower... not sure how to proceed
Am at 6.2.0
need to get to 220.127.116.11
What are the intermediary updates that I need to install
I'm finding it hard to understand the correct process of backup and restore for ISE with regards to BYOD and certificates. I have a two node deployment with Primary PAN and Secondary PAN. BYOD is working and we have 300 registered devices with issued...
I have been using the ISE EAT tool for a while but over the past couple months I have rarely been able to get a report pulled using ISE EAT tool. I have around 45k endpoints in the database.
Most times it get stuck at around 26k endpoints and...
Hi all,I am currently preparing the CCNA Security 210-260 [not a piece of cake :( ]I don't find any clear information regarding the inheritance source. ie : From a created Group Policy, the Banner option can be written (if Inherit is unti...