Hi Hari,
Thanks for the Doc. Good info - as always.
However, Based on my testing, it looks like the functionality of "assigning a new Interface-Template dynamically" is full of bugs on multiple different IOS versions (specifically I have tried this with 3850 IOS-XE 16.3.7 and 16.9.1 with ISE 2.3 Patch4). Can you please comment on this, as we've been trying to implement this as part of Flexible-Auth, so, a port can handle PCs/Phones/WAPs/Edge-Swtiches without any static port assignments (essentially, a one port config to rule them all, or at least most of them) - which sounds like a sensible "no-brainer" kind of a thing to do. But in reality, this feature seems like not well-tested functionality from Cisco's end. Just wanted to check with you your thoughts around this as I have seen some great CiscoLive sessions and other presentations from you covering this topic.
Thanks
hi,i need to lock down SIP ports on an ASA FW towards our internal SIP/voice GW:external SIP 208.x.x <> ASA FW <> 66.x.x.x internal voice GW per my google, SIP is TCP/UDP port 5060 but i can see some had 5061.there...
view more
Hi team.Please forgive me if this is not the correct list I should be sending this message to.
One of our strategic customers in Brazil is very interested in doing downlink MACSec towards the endpoint (switch-to-user)
The challenge is that they are a str...
view more
I am trying to get AMP for ESA set up on our IronPort C170 appliance running ASyncOS 11.0.3. I believe I have my settings correct, however, files that have a verdict of unknown are not being uploaded for analysis. Perhaps I'm missing something? I have mad...
view more
Hello folks,
I am running an ISE POC using only the ISE Context Visibility Wizard and this works fine. We are using all parts of the wizard including the psexec function to look at applications running on windows machines via Anyconnect in the backg...
view more
