Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all, SGACL is not getting enforced for hosts that are located in the esxi network.Like for testing, we are trying to block icmp from a BYOD tagged user to the DOMAIN Controller (which is tagged static) Enforcement wont work, please suggest, I ...
Hello all, I am trying to test getvpn using gkm in a very simple lab topologykey server is in the global routing tableand group member is in a vrfI am able to complete the registration to key server from group memberbut when i try to do the registrat...
hello, please see my topology (attached) I am testing Gikev2 GET VPN via VRF aware setup where router 1 and router 3 (int g0/0) are in VRF-A where router 4 and router 3 (int g0/1) are in VRF-B Key server is in Global routing table I had enabled route...
Dear All, I have a simple setup with two routers (acting as server and client), where I am trying to test flexvpn using certificates. I am getting below error IKEv2:% Received cert hash is invalid, using configured trustpoints from profile for signi...
Hello, I get below error when tried to send an email between members in the same domain |New SMTP ICID 294 interface Management (192.168.10.11) address 192.168.10.110 reverse dns host l-cl-3.lab.net verified yes|ICID 294 RELAY SG RELAYS match 192.16...
@Damien Miller also, had the same issue from the clients connecting wireless, so just had to add dot1x to the port connecting to AP, that solved the problem toointerface GigabitEthernet4/0/2description from-apswitchport access vlan 10switchport mode ...
@Damien Miller was able to fix the issue, since the interface to esxi was a trunk port, we need to enable dot1x on trunk ports is this the correct approach? SW-02(config-if)#do show cts role-based sgt-map allActive IPv4-SGT Bindings InformationIP Add...
hello all, was able to fix the issue, since the interface to esxi was a trunk port, we need to enable dot1x on trunk ports as wellis there any other solution, please let me know,SW-02#show run int Gi4/0/45Building configuration...Current configuratio...
finally got it working crypto ikev2 policy POL-A match fvrf CUSTA proposal PROP-A crypto ikev2 profile PROF-A match fvrf CUSTA match certificate CERT-1 identity local fqdn R3.LAB.NET authentication local rsa-sig authentication remote rsa-sig pki trus...
