Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,Evaluating TrustSec / ISE prior to deployment, I've already come across the pitfalls of using a "default deny" / deny policy with the 'unknown' destination SGT - as the DGT is only known at the destination (but enforced at the source).Is there any...
We currently have a number of Nexus 5548 (running 7.0(5)N1(1)) in a Farbicpath. Pairs of these Nexus switches run vPC+ to downstream switches all working fine. The vPC+ configuration looks identical to a normal vPC configuration, but is part of a Fab...
We're running 3.8.4 on the 4500-X (a VSS pair). The support request is currently with our provider, so I don't have a Cisco TAC reference to give you (yet).
Hi,Thanks. Adding a matrix of permit from every SGT to <unknown> destination would work (although feels a little clunky). As a side problem, our 4500-X are having issues with BFD when a PERMIT trustsec policy is applies to the NDAC SGT (support case ...
Hi,Thanks for the confirmation. The document you referenced wasn't one I had managed to find myself.I said I want to dual-home devices to both FEXs however this is going to be a limited case. Most of the devices we will be connecting to the FEXs only...
