Hi, On a FPR running in ASA mode, i have logged an ACE for traffic leaving this interface (incoming from ASA context). The logs are being sent to Elastic. When I am looking for the logs I see some strange results. This is my ACE: access-list acl_A ex...
HI all, I hope somebody can help me with the following situation:I have AAA enabled on our switches with 3 NPS servers. All users ports have 802.1x enabled. If the first NPS server goes down the users can't authenticate anymore. Even though I can sti...
Hi Guys, Is vWLC able to do MAC address Bypass?I have an WLAN running [WPA2][Auth(802.1X + CCKM)]. I want to join to this WLAN some devices that don't support 802.1X (like ACs, TVs etc). All go to a guest vlan so they don't get access to the corporat...
Hi Could you guys help me understand MAC filtering?On a 802.1x secured SSID if I enable MAC filtering will this be on top of the 802.1x or will bypass it? I mean if I have a MAC saved in the list that means that this MAC will bypass the 802.1x or it ...
Hi I hope somebody can help me with the problem I am facing. I am trying to setup on our switches (different models C9300, 3650 etc) access over GUI for our IT helpdesk to be able to do basic modification like interface description, shutdown and VLAN...
the ACL_A has something like this : access-list acl_A extended permit ip object-group DEV A 10.0.0.0 255.0.0.0 log warningsinterfaces A, B and C have Security 0 inside has 100
Sorry maybe i didn't understand something or i didn't express myself ok or I am stupid This is what i have : Traffic would flow like this: Let's take ACL_A : This ACL would filter traffic comming from Dev A and going to either Inside, B or C interfa...
Isn't it the other way around? What am I getting wrong? ACL should be from the ASA context point of view right? PS: All my traffic is originating from Interface C devices
I tried adding the command radius-server retry method reorder and I also added the radius-server dead-criteria time 5 tries 3 and dead server deadtime 5 In my test environment, it seems to be working. I enabled this in one of our offices to see if i...
