About aavnet89

aavnet89 · 07-22-2024

Hello,My ISE system is experiencing High Authentication Latency, upwards of 11,000MS. Specifically for VPN users. The users in question are remote workers, utilising AnyConnect, proxied through Meraki Security Appliances, with Duo acting as the MFA p...

aavnet89 · 02-20-2024

Good morning, good afternoon, good evening,I am currently in the process of adding an additional Service Policy Node at a branch office, providing first response authentication, locally to site. This node is adopted and syncronising within the distru...

aavnet89 · 11-08-2023

Hello, Cisco Community,With the recent announcement of multiple vulnerabilities in Cisco IOS XE Software Web UI Feature, CVE-2023-20198 and CVE-2023-20273 respectfully. I have taken to closing any holes that afflict our environment. My concern (howev...

aavnet89 · 09-07-2023

Hello, Cisco Community, I have a simple OSPF configuration, two core switches connected via a P2P link. One at our HQ and the other at our DR site. I need to route an off-network subnet into OSPF, as the network is not currently available within the ...

aavnet89 · 08-31-2023

Rockwell's FactoryTalk services (Platform, Networking Manager, View Software, Policy Manager, System Services) as a product group achieve device authentication, data integrity and data confidentiality, by means of certification, cryptographic protoco...

aavnet89 · 07-23-2024

Super, thanks ahollifield.

aavnet89 · 02-22-2024

To add context, the encrypted key as viewed on the NAD is different for each ISE node configured (primary and secondary respectively), i.e. switch1 has an encrypted key for ISE1 and an encrypted key for ISE2. When reviewing the ISE configuration via ...

aavnet89 · 02-21-2024

Thanks, ahollifield. An option, I have concidered.To add context, the encrypted key as viewed on the NAD is different for each ISE node configured (primary and secondary respectively), i.e. switch1 has an encrypted key for ISE1 and an encrypted key f...

aavnet89 · 11-09-2023

Thanks, Scott,The CPU ACL looks to certainly be what I need. In terms of transport services, I will perform an invisible port-scan to identify open TCP services.Thanks again to you all.

aavnet89 · 11-08-2023

Thanks, Marce1000,The vulnerability isn't the focus point, simply back-fill to provide detail where possible. My question relates more to restricting access to the MGMT interface of a WLC without impacting services and or the production environment, ...

Member Since	‎08-31-2023 12:42 AM
Date Last Visited	‎07-23-2024 01:04 AM
Posts	21
Total Helpful Votes Received	1

User Statistics

User Activity

High Authentication Latency to Public IP Addresses - ISE

Switch Server RADIUS Config Post SP Node Addition

WLC MGMT Interface Access Control

OSPF Routing Advertisment for External E1 (Type 1)

CIP Security - Cell Firewalls

Re: High Authentication Latency to Public IP Addresses - ISE

Re: Switch Server RADIUS Config Post SP Node Addition

Re: Switch Server RADIUS Config Post SP Node Addition

Re: WLC MGMT Interface Access Control

Re: WLC MGMT Interface Access Control