Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi everyone,I ran into an issue today while configuring SSH on an older Catalyst 3560 running IOS 12.2.The setup was complete with hostname, domain name, RSA keys, and a local username.When I entered login local under the VTY lines, the switch return...
Hi Cisco Community,I wanted to ask about QoS for WAN links where both voice and video traffic are present. My questions:Do you prefer using LLQ (Low Latency Queuing) for voice and shaping video separately?Any real-world challenges with DSCP markings...
Hi Everyone,In enterprise LANs, I usually enable DHCP snooping for security — but it sometimes causes issues if trust is not configured correctly on uplinks. Quick questions:Do you enable DHCP Snooping by default on all access VLANs?Do you also use ...
Hi Cisco Community,I faced a situation where OSPF neighbors were stuck in INIT state and not forming fully. Usual checks like hello/dead timer mismatches or interface types can cause this. My questions are:What are the first things you check when OS...
Hi Cisco Community,In a recent setup, I noticed many users getting disconnected frequently from Cisco APs, even though the wireless LAN controller (WLC) seemed fine.My questions to the group are:What are the first things you usually check when client...
Hi Mat,You are right — Cisco ASA release 9.18.4.68 does not yet have release notes published on the Software Download page. This version is an interim build / patch release, usually posted to fix specific bugs, but the detailed notes often follow lat...
Hi Wes,That message is expected with DNAC 2.3.7.9. Cisco added mandatory Fabric/LISP routing updates in this release. Each fabric site needs to have these updates applied within the grace period (176–180 days), otherwise DNAC will not allow you to ma...
Hi Rob,Thanks a lot for your detailed explanation You’re absolutely right — with multi‑vendor VPNs, relying on vendor defaults usually causes mismatches. In my case, FortiGate was using AES‑256 (cbc) while the Cisco ASA was expecting AES‑256 (gcm), ...
Hi Chandhuru,Good question Normally, when you re‑import or update the DNAC‑CA certificate, the WLC will apply it without needing a full reboot. However, some changes (like trustpoint regeneration) may require you to restart the management services on...
