Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm trying to authenticate users (fomr VPN 3005 Concentrator) wire Kerberos (with preauthentication) on a Windows DC Server.In the network trace is see that the respone from the Windows Server is too bi (error code 52).Normal behavior should be that ...
Hello everybodyAltough VRF lite (or Mulit VRF) seems to be a Service Provider Tecnology.Does it make sense to use it in an Enterprise Network to isolate Networks from others ?I cant find any design paper which describes if this would make sense.What ...
Hello,i'm trying to create a Port-Based Network Access Control using 802.1X. With EAP-MD5 it works fine but if i use EAP-TLS the authentication won't work.I'm using Windows XP Sp1 as client (supplicant), as authenticator an Catalyst 2950 Switch and t...
Hello,Unfortunately there is not a single Document with summarized information about the available switching method used in all the different Catalyst Switches.Does anybody know what the Cat2950 and Cat3500 series use as switching method ?- Fragment ...
On the Cisco 3005 you can assign a locally defined filter to an local user. Since i'm using Radius for authentication and authorization, i would like to assign the filter from there.Unfortunately i couldn't find a corresponding CVPN-3000 attribute fo...
There are different values you can set in the DSCP. It is a 6 bit field in the IP header while CoS is a 3 bit field between IEEE 802.1q or ISL-Links (only 8 different possible values).How you mark your traffic (which DSCP number) depends on what you ...
A look in the Cisco documentations says:Cause The issue can occur due to Spanning Tree Protocol (STP) loops in the network that cause packet drops from the specific host. In addition to packet drops, STP loops lead to several other symptoms, which ar...
Depending how your router is configured every control plane thingy can utilize the CPU.F.E. type "show proc cpu" may your STP-Prozess takes up a bit of CPU cycles for generating BPDU's ....
Okay, i try to be more specific.Cisco Concentrator sends a AS_REQ to the Windows DC (KDC).The User has many attributes which don't fit into one UDP Segment (the AS_REPLY).Now Cisco Concentrator should switch over to TCP. But this does not happen.May ...
Thank you for your help. The MTU game didn't help us much.Finally the problem was the IOS Version! For example the Catalyst 3550 supports EAP-TLS since Version 12.1(12c)EA1a. So the problem is solved now.Hope this helps others to identify EAP-TLS Pr...
