Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi Guys,We are currently using a public ca signed certificate for DNA and need to use an internally signed CA certificate for PNP to add the SAN options. Will we need to reprovision or re-discover the devices we are monitoring for assurance when we d...
Hi Guys!I've looked at some example configurations and community posts. I have the following topology:Foreign WLC [9800] <---> Anchor WLC [5520] <--> DMZ interface (Dynamic interface group with multiple VLANs)We want to use the Anchor WLC DMZ that ha...
Hi All,When relying on an external proxy server for the return VLAN (as they have the identity information for the authorisation policy) is there any way we can define on ISE what VLANs they are actually allowed to return? I think this could be a sec...
Hello All,From my understanding of documentation, CDP/LLDP would not be allowed until a port is authenticated when in closed mode. Low impact mode can be used for DHCP/DNS etc but CDP/LLDP being a layer 2 protocol what options do we have if using for...
Hi Guys,I've done quite a bit of research the last few days and trying to draw up a design for moving our voice which is daisy-chained onto SD-Access and struggling with a few questions.If I want a phone to utilise the voice VLAN (which I presume aut...
Thanks for the response. Unfortunately, we need the authorisation policy to be returned by the external RADIUS server as it has the identity information. From my googling - I don't think it's possible on ISE!
Hi Rob,I believe dot1x in closed mode will not allow CDP/LLDP/DHCP to function and therefore profile the device initially so it will not be able to get to that state?ThanksKT
Thanks, Sergiu for your reply. To clarify, the VPC is one link on each Border Leaf and we do not wish to take out the resilience. So my understanding is I will need to get another physical link in to get around this caveat?
