We have a Cisco WLC  AIR-CT3504-K9 version 8.10.105.0 and we are running Chrome on  79.0.3945.130. Prior to these version upgrades we were able to access the WLC from MS IE but each time we attempted to access via Chrome on the previous version we would not be able to access on the first attempt. We would repeatedly get the username/password prompt until we either killed the Browser, killed the tab or re-entered the URL. After that access was allowed until you logged out and repeated the process at which time you would get the same issue. We had a TAC case open for months on this and went round the barn several times with no movement.  It was believed by TAC that our shared secret was to blame but that was a red herring since all other devices had no issues with that shared secret. We reached out to Chrome but never got a reply, the TAC Engineer did the same from their end but didn't receive a reply. Finally one weekend we had to update the WLC and at during that same window Chrome dropped an update. It's been working ever since. If you happen to have this issue where Chrome doesn't allow access but IE does check your versions, most likely on your WLC as if your using Chrome you likely to be updated by now, and try updating one test and then update the other and test. You may fix the issue. If you do or don't please drop me a line with your findings.   ej ... View more

Does anyone know if a fix is in the works for this third party backup issue? Having the ability create snapshots of the VM during an ISE patch or upgrade would be so much of a time saver if something were to go south during the process.    ej ... View more

Hello, in the newer Denali an Fuji IOS XE formats, there was a document that explained the package makeup, what the individual files were and how they interact with switch. Does anyone have an idea where that information can be found now? I tried release notes, googling etc.. but not finding exactly what I'm looking for. The reason I'm asking is we have some 3850's that require cleaning using the request platform software package install command. I'm getting a file type of SPA.conf that is of the currently running image. All other files are for the version of the IOS that I wan't cleaned off so we can install the new image. I believe this is hampering Cisco Prime's ability to push the new image up. Told Prime to initiate a cleanup of the old files but it's not happening on 3 of the 7 switches. ej ... View more

We have a Cisco 3500 WLC and when accessing with IE or EDGE it works; however, when using chrome it fails the first time then you kill the tab, or the browser or adjust the URL and it connects. You do some work, disconnect and then try to reconnect and it starts all over again.  Anyone seen this issue?   ej ... View more

As you can see from the title I have a question about ISE 2.4 TACACS+ and a shared secret mismatch error. We are able to access the device, WLC 3504,  via SSH and the RADIUS live logs report connections; however, on the TACACS+ side there maybe in issue. What makes it interesting and difficult to track is that the error doesn't display what account is attempting to log in to the WLC and failing, see the attached screenshot. The only thing I have to go on is that when I do see this error it is surrounded above and below by a service account that is successfully connecting to the same device, the WLC. I double checked and changed the shared secret so we know they are the same in all entries of Network Devices. My questions is: How do you identify which user/device is attempting to connect via TACACS+ if no account name is displayed in the live log or the Identity column?   ej   ... View more

We currently have Cisco PI 3.6 on a VM. I've been looking at the APIC-EM license and was wondering who out there is using this and what functionality do you get out of this license? We are currently integrated with our ISE 2.4 VM and use PKI (CAC) access through that for our infrastructure switches. We use TACACS+ and RADIUS for our Ironports, Proxy servers etc... We have under 500 devices feeding Prime at this time but will be adding up to 100 more AP's and possibly another WLC. From what I read on the Cisco site this license is free, yea!, but what's the return for adding another license to my PI?   ej ... View more

Our IA department was doing scans and they got a hit on a plugin. Our SSL Certificate is a third party trusted CA and until now we have had no issues. Has anyone had this finding appear?   ej ... View more