About richard.harvey

richard.harvey · 06-15-2017

Hi, I am getting to grips with a TrustSec design for a large multi-service building LAN where I intend to segregate guest, building management services, CCTV, lighting, etc using SGTs. Components will be 3850 L2 access, 4500x L3 distribution/core, IS...

richard.harvey · 11-09-2007

SW 3.0(0)A1(4)I've configured SSL initiation and noticed that a successful session is established despite no valid root CA cert installed on the ACE.Does client SSL just work regardless without any cert validation?

richard.harvey · 06-15-2017

Sounds like an interesting / similar project Andy. I would have planned to use Critical Authentication mode for the ISE down situation. I understand the existing cached SGT data is used until ISE is back. http://www.cisco.com/c/en/us/td/docs/ios-xml/...

richard.harvey · 06-03-2005

Generally I would say it is good practice to override the 75% maximum-reserved-bandwidth for an interface as long as you design the MQOS service-policy with a class that reserves a minimum ammount of bandwidth for routing and control traffic.I have s...

richard.harvey · 06-02-2005

I agree that 0/0 should not be redistributed back in to EIGRP. However, to achieve failover/failback functionality between the sites you need to redistribute the default route into BGP with a different metric at each PE.This will always give priority...

Member Since	‎11-12-2004 07:11 AM
Date Last Visited	‎05-30-2019 01:55 AM
Posts	5
Total Helpful Votes Received	5

User Statistics

User Activity

TrustSec campus segmentation design approach

ACE SSL Initiation - no check of server cert?

Sounds like an interesting /

Re: MPLS QoS - Cisco recommendation

Re: Issue with MPLS VPN default routes, using EIGRP between CE-P