Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all:Looking for some assistance with trustsec enforcement within a Cisco SDA fabric, and the best place for policy enforcement for devices external to my SDA fabric.I have configured Group Based access control setup in catalyst center. Trustse...
Morning All:We're in the process of trying to transition to IPv6 only at our organization, but are running into a few stumbling blocks for where we should be configuring NAT64 for resources that can only run, or still only have IPv4 addresses. I'm l...
Morning Cisco Forums,I'm looking for some guidance on the process of replacing ISE administration nodes, in a 4 node cluster. In our current environment, we're running ISE version 3.4p4, and have a primary/secondary administration node, and 2 policy...
Morning World:TLDR:What value is EAP chaining providing me at this point in time? Is Machine authentication & posture assessment "good enough"? Because of our environment, machine cert fallback no longer works when a PKI certificate (User CAC Card)...
Hello Cisco Community:VPN and AnyConnect, VPNWe're working on pushing out the latest releases of Cisco Secure Client. Recently, we migrated our environment's VPN head-end concentrators from legacy ASA5555X's, to FirePower 4110's. Previously, in ASA...
Thank you for your response. I understand the complexity of this discussion, and I initially aimed to keep things high-level.To provide more context, we currently have a single fabric. The underlay is V4 (ISIS). CatCenter only supports V4 for the ...
Thank you very much for the recommendation. I tried this over the weekend, and I'm still seeing /dev/opt directory filling up relatively quickly (went from 13% to 24% in a matter of 24 hours). The other "ghosts" post-upgrade that I'm seeing are err...
